Search

Find a vulnerability

Search criteria

    752 vulnerabilities by RED

    VAR-201410-1418

    Vulnerability from variot - Updated: 2026-04-10 23:34

    The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. OpenSSL is prone to an information disclosure vulnerability. An attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. The following versions are vulnerable: OpenSSL 0.9.8 prior to 0.9.8zc OpenSSL 1.0.0 prior to 1.0.0o OpenSSL 1.0.1 prior to 1.0.1j. SSL protocol is the abbreviation of Secure Socket Layer protocol (Secure Socket Layer) developed by Netscape, which provides security and data integrity guarantee for Internet communication. The vulnerability is caused by the program's use of non-deterministic CBC padding. OpenSSL Security Advisory [15 Oct 2014] =======================================

    SRTP Memory Leak (CVE-2014-3513)

    Severity: High

    A flaw in the DTLS SRTP extension parsing code allows an attacker, who sends a carefully crafted handshake message, to cause OpenSSL to fail to free up to 64k of memory causing a memory leak. This could be exploited in a Denial Of Service attack. This issue affects OpenSSL 1.0.1 server implementations for both SSL/TLS and DTLS regardless of whether SRTP is used or configured. Implementations of OpenSSL that have been compiled with OPENSSL_NO_SRTP defined are not affected.

    This issue was reported to OpenSSL on 26th September 2014, based on an original issue and patch developed by the LibreSSL project. Further analysis of the issue was performed by the OpenSSL team.

    The fix was developed by the OpenSSL team.

    Session Ticket Memory Leak (CVE-2014-3567)

    Severity: Medium

    When an OpenSSL SSL/TLS/DTLS server receives a session ticket the integrity of that ticket is first verified. In the event of a session ticket integrity check failing, OpenSSL will fail to free memory causing a memory leak. By sending a large number of invalid session tickets an attacker could exploit this issue in a Denial Of Service attack.

    This issue was reported to OpenSSL on 8th October 2014.

    The fix was developed by Stephen Henson of the OpenSSL core team.

    SSL 3.0 Fallback protection

    Severity: Medium

    OpenSSL has added support for TLS_FALLBACK_SCSV to allow applications to block the ability for a MITM attacker to force a protocol downgrade.

    Some client applications (such as browsers) will reconnect using a downgraded protocol to work around interoperability bugs in older servers. This could be exploited by an active man-in-the-middle to downgrade connections to SSL 3.0 even if both sides of the connection support higher protocols. SSL 3.0 contains a number of weaknesses including POODLE (CVE-2014-3566).

    https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00 https://www.openssl.org/~bodo/ssl-poodle.pdf

    Support for TLS_FALLBACK_SCSV was developed by Adam Langley and Bodo Moeller.

    Build option no-ssl3 is incomplete (CVE-2014-3568)

    Severity: Low

    When OpenSSL is configured with "no-ssl3" as a build option, servers could accept and complete a SSL 3.0 handshake, and clients could be configured to send them.

    This issue was reported to OpenSSL by Akamai Technologies on 14th October 2014.

    The fix was developed by Akamai and the OpenSSL team.

    References

    URL for this Security Advisory: https://www.openssl.org/news/secadv_20141015.txt

    Note: the online version of the advisory may be updated with additional details over time.

    For details of OpenSSL severity classifications please see: https://www.openssl.org/about/secpolicy.html

    . The following firmware versions of Virtual Connect (VC) are impacted:

    HPE BladeSystem c-Class Virtual Connect (VC) Firmware 4.30 through VC 4.45 HPE BladeSystem c-Class Virtual Connect (VC) Firmware 3.62 through VC 4.21

    Note: Firmware versions 3.62 through 4.21 are not impacted by CVE-2016-0800, CVE-2015-3194, CVE-2014-3566, CVE-2015-0705, CVE-2016-0799, and CVE-2016-2842. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201507-14


                                           https://security.gentoo.org/
    

    Severity: Normal Title: Oracle JRE/JDK: Multiple vulnerabilities Date: July 10, 2015 Bugs: #537214 ID: 201507-14


    Synopsis

    Multiple vulnerabilities have been found in Oracle JRE/JDK, allowing both local and remote attackers to compromise various Java components. Please review the CVE identifiers referenced below for details.

    Impact

    An context-dependent attacker may be able to influence the confidentiality, integrity, and availability of Java applications/runtime.

    Workaround

    There is no workaround at this time.

    Resolution

    All Oracle JRE 8 users should upgrade to the latest stable version:

    emerge --sync

    emerge --ask --oneshot --verbose ">=dev-java/oracle-jre-bin-1.8.0.31

    All Oracle JDK 8 users should upgrade to the latest stable version:

    emerge --sync

    emerge --ask --oneshot --verbose ">=dev-java/oracle-jdk-bin-1.8.0.31

    All Oracle JRE 7 users should upgrade to the latest version:

    emerge --sync

    emerge --ask --oneshot --verbose ">=dev-java/oracle-jre-bin-1.7.0.76

    All Oracle JDK 7 users should upgrade to the latest stable version:

    emerge --sync

    emerge --ask --oneshot --verbose ">=dev-java/oracle-jdk-bin-1.7.0.76

    References

    [ 1 ] CVE-2014-3566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3566 [ 2 ] CVE-2014-6549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6549 [ 3 ] CVE-2014-6585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6585 [ 4 ] CVE-2014-6587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6587 [ 5 ] CVE-2014-6591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6591 [ 6 ] CVE-2014-6593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6593 [ 7 ] CVE-2014-6601 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6601 [ 8 ] CVE-2015-0383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0383 [ 9 ] CVE-2015-0395 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0395 [ 10 ] CVE-2015-0400 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0400 [ 11 ] CVE-2015-0403 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0403 [ 12 ] CVE-2015-0406 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0406 [ 13 ] CVE-2015-0407 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0407 [ 14 ] CVE-2015-0408 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0408 [ 15 ] CVE-2015-0410 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0410 [ 16 ] CVE-2015-0412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0412 [ 17 ] CVE-2015-0413 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0413 [ 18 ] CVE-2015-0421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0421

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    https://security.gentoo.org/glsa/201507-14

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2015 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5 .

    HP CMS: UCMDB Browser all supported versions. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Critical: java-1.7.0-ibm security update Advisory ID: RHSA-2014:1876-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-1876.html Issue date: 2014-11-19 CVE Names: CVE-2014-3065 CVE-2014-3566 CVE-2014-4288 CVE-2014-6456 CVE-2014-6457 CVE-2014-6458 CVE-2014-6476 CVE-2014-6492 CVE-2014-6493 CVE-2014-6502 CVE-2014-6503 CVE-2014-6506 CVE-2014-6511 CVE-2014-6512 CVE-2014-6515 CVE-2014-6527 CVE-2014-6531 CVE-2014-6532 CVE-2014-6558 =====================================================================

    1. Summary:

    Updated java-1.7.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 Supplementary.

    Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64

    1. Description:

    IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.

    This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2014-3065, CVE-2014-3566, CVE-2014-4288, CVE-2014-6456, CVE-2014-6457, CVE-2014-6458, CVE-2014-6476, CVE-2014-6492, CVE-2014-6493, CVE-2014-6502, CVE-2014-6503, CVE-2014-6506, CVE-2014-6511, CVE-2014-6512, CVE-2014-6515, CVE-2014-6527, CVE-2014-6531, CVE-2014-6532, CVE-2014-6558)

    The CVE-2014-6512 issue was discovered by Florian Weimer of Red Hat Product Security.

    Note: With this update, the IBM SDK now disables the SSL 3.0 protocol to address the CVE-2014-3566 issue (also known as POODLE). Refer to the IBM article linked to in the References section for additional details about this change and instructions on how to re-enable SSL 3.0 support if needed.

    All users of java-1.7.0-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 7 SR8 release. All running instances of IBM Java must be restarted for the update to take effect.

    1. Solution:

    Before applying this update, make sure all previously released errata relevant to your system have been applied.

    This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

    1. Bugs fixed (https://bugzilla.redhat.com/):

    1071210 - CVE-2014-6512 OpenJDK: DatagramSocket connected socket missing source check (Libraries, 8039509) 1150155 - CVE-2014-6506 OpenJDK: insufficient permission checks when setting resource bundle on system logger (Libraries, 8041564) 1150651 - CVE-2014-6531 OpenJDK: insufficient ResourceBundle name check (Libraries, 8044274) 1150669 - CVE-2014-6502 OpenJDK: LogRecord use of incorrect CL when loading ResourceBundle (Libraries, 8042797) 1151046 - CVE-2014-6457 OpenJDK: Triple Handshake attack against TLS/SSL connections (JSSE, 8037066) 1151063 - CVE-2014-6558 OpenJDK: CipherInputStream incorrect exception handling (Security, 8037846) 1151517 - CVE-2014-6511 ICU: Layout Engine ContextualSubstitution missing boundary checks (JDK 2D, 8041540) 1152756 - CVE-2014-6532 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) 1152757 - CVE-2014-6503 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) 1152758 - CVE-2014-6456 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment) 1152759 - CVE-2014-6492 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) 1152760 - CVE-2014-6493 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) 1152761 - CVE-2014-4288 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) 1152763 - CVE-2014-6458 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) 1152765 - CVE-2014-6476 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment) 1152766 - CVE-2014-6515 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) 1152767 - CVE-2014-6527 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment) 1152789 - CVE-2014-3566 SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack 1162554 - CVE-2014-3065 IBM JDK: privilege escalation via shared class cache

    1. Package List:

    Red Hat Enterprise Linux Desktop Supplementary (v. 5):

    i386: java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm

    x86_64: java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.x86_64.rpm java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.x86_64.rpm java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.x86_64.rpm java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.x86_64.rpm java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.x86_64.rpm java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.x86_64.rpm

    Red Hat Enterprise Linux Server Supplementary (v. 5):

    i386: java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm

    ppc: java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.ppc.rpm java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.ppc64.rpm java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.ppc.rpm java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.ppc64.rpm java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.ppc.rpm java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.ppc64.rpm java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.ppc.rpm java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.ppc64.rpm java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.ppc.rpm java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.ppc.rpm java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.ppc64.rpm

    s390x: java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.s390.rpm java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.s390x.rpm java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.s390.rpm java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.s390x.rpm java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.s390.rpm java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.s390x.rpm java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.s390.rpm java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.s390x.rpm java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.s390.rpm java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.s390x.rpm

    x86_64: java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.x86_64.rpm java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.x86_64.rpm java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.x86_64.rpm java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.x86_64.rpm java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.x86_64.rpm java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm java-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. References:

    https://access.redhat.com/security/cve/CVE-2014-3065 https://access.redhat.com/security/cve/CVE-2014-3566 https://access.redhat.com/security/cve/CVE-2014-4288 https://access.redhat.com/security/cve/CVE-2014-6456 https://access.redhat.com/security/cve/CVE-2014-6457 https://access.redhat.com/security/cve/CVE-2014-6458 https://access.redhat.com/security/cve/CVE-2014-6476 https://access.redhat.com/security/cve/CVE-2014-6492 https://access.redhat.com/security/cve/CVE-2014-6493 https://access.redhat.com/security/cve/CVE-2014-6502 https://access.redhat.com/security/cve/CVE-2014-6503 https://access.redhat.com/security/cve/CVE-2014-6506 https://access.redhat.com/security/cve/CVE-2014-6511 https://access.redhat.com/security/cve/CVE-2014-6512 https://access.redhat.com/security/cve/CVE-2014-6515 https://access.redhat.com/security/cve/CVE-2014-6527 https://access.redhat.com/security/cve/CVE-2014-6531 https://access.redhat.com/security/cve/CVE-2014-6532 https://access.redhat.com/security/cve/CVE-2014-6558 https://access.redhat.com/security/updates/classification/#critical https://www.ibm.com/developerworks/java/jdk/alerts/ https://www-01.ibm.com/support/docview.wss?uid=swg21688165

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

    iD8DBQFUbOWGXlSAg2UNWIIRAhPmAJ96YO5JFEg4GS1MkDIeXQkRxbN0hACgoUiY ehbScogUJnSordhBH11LgWQ= =ko7F -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .

    ftp://ssl098zc:Secure12@ftp.usa.hp.com

    User name: ssl098zc Password: (NOTE: Case sensitive) Secure12

    HP-UX Release HP-UX OpenSSL version

    B.11.11 (11i v1) A.00.09.08zc.001_HP-UX_B.11.11_32+64.depot

    B.11.23 (11i v2) A.00.09.08zc.002_HP-UX_B.11.23_IA-PA.depot

    B.11.31 (11i v3) A.00.09.08zc.003_HP-UX_B.11.31_IA-PA.depot

    MANUAL ACTIONS: Yes - Update

    Install OpenSSL A.00.09.08zc or subsequent

    PRODUCT SPECIFIC INFORMATION

    HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa

    The following text is for use by the HP-UX Software Assistant.

    The update is available from HPE Software Depot: https://h20392.www2.hpe.com/ portal/swdepot/displayProductInfo.do?productNumber=HPVPRhttps://www.hpe.com

    Note: HPE recommends customers using OV4VC 7.8.1 and earlier should upgrade to OV4VC 7.8.2. This addresses all SSL security vulnerabilities reported through March 28, 2016. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04496538

    SUPPORT COMMUNICATION - SECURITY BULLETIN

    Document ID: c04496538 Version: 1

    HPSBGN03164 rev.1 - HP IceWall SSO Dfw, SSO Certd and MCRP running OpenSSL, Remote Disclosure of Information

    NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

    Release Date: 2014-11-10 Last Updated: 2014-11-10

    Potential Security Impact: Remote disclosure of information

    Source: Hewlett-Packard Company, HP Software Security Response Team

    VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP IceWall SSO Dfw , SSO Certd, and MCRP running OpenSSL.

    This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "Poodle", which could be exploited remotely resulting in disclosure of information..

    References: CVE-2014-3566 (SSRT101789)

    SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.

    • HP IceWall MCRP v2.1, v3.0
    • HP IceWall SSO Dfw v8.0, v8.0 R1, v8.0 R2, v8.0 R3, and v10.0
    • HP IceWall SSO Certd v8.0R3 with DB plugin patch 2 and v10.0

    BACKGROUND

    CVSS 2.0 Base Metrics

    Reference Base Vector Base Score CVE-2014-3566 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002

    RESOLUTION

    HP recommends the following software updates and workaround instructions to resolve this vulnerability for HP IceWall SSO Dfw, SSO Certd, and MCRP.

    The software updates are available at:

     http://www.hp.com/jp/icewall_patchaccess
    

    Notes:

    - There are no updates or mitigations for MCRP 2.1 and Dfw
    

    8.0/8.0R1/8.0R2/8.0R3. - HP recommends updating these older versions to the latest versions and patches and then following the WORKAROUND INSTRUCTIONS below. - The WORKAROUND INSTRUCTIONS should be followed after applying the following updates.

    Software Update Versions

    HP IceWall MCRP 3.0 Patch release 1
    
    HP IceWall SSO Dfw 10.0 Patch release 7
    

    Note: Both software update versions provide the use of TLSv1 which is not vulnerable and available for each supported platform.

    WORKAROUND INSTRUCTIONS

    HP recommends the following information to protect against potential risk for the following HP IceWall products.

    HP IceWall SSO Dfw and MCRP
    
      - If possible, do not use the SHOST setting which allows IceWall SSO
    

    Dfw or MCRP to use SSL/TLS protocol to back-end web servers.

      - The following steps should be applied if SSL/TLS protocol to back-end
    

    web servers must be used:

        o For MCRP: apply MCRP patch release 1
        o For Dfw: apply Dfw patch release 7 or later
        o Set SSL_PROTOCOL parameter to TLSv1
    
    HP IceWall SSO Certd
    
      - For Certd version 10.0 and 8.0R3: apply DB plugin patch release 2
    
      - If possible, do not use the LDAPSSL setting which allows IceWall SSO
    

    Certd to connect to the LDAP server using SSL/TLS protocol.

      - If SSL/TLS protocol must be used to LDAP server, configure the LDAP
    

    server to use only TLSv1 as a mitigation for the vulnerability. For example, on an OpenLDAP server (slapd), Set the TLSProtocolMin parameter.

    Note: The HP IceWall product is only available in Japan.

    HISTORY Version:1 (rev.1) - 10 November 2014 Initial release

    Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

    Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.

    Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com

    Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins

    Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/

    Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.

    3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX

    Copyright 2014 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.

    HP SiteScope 11.1x HP SiteScope 11.2x

    Important note: HP SiteScope is impacted if and only if it is configured to work over secure channel (HTTPS). This protocol is now disabled by default.

    For the oldstable distribution (wheezy), this problem has been fixed in version 1.4.31-4+deb7u4.

    We recommend that you upgrade your lighttpd packages

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "ibm",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "aix",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "ibm",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "suse linux enterprise software development kit",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "novell",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8u"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8o"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "12.3"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8w"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0d"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1f"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ibm",
            "version": "2.2.1.9"
          },
          {
            "_id": null,
            "model": "suse linux enterprise server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "novell",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "6.0.5"
          },
          {
            "_id": null,
            "model": "enterprise linux server supplementary",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "suse linux enterprise server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "novell",
            "version": "12.0"
          },
          {
            "_id": null,
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "enterprise linux server supplementary",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8x"
          },
          {
            "_id": null,
            "model": "fedora",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fedoraproject",
            "version": "21"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop supplementary",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8za"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0b"
          },
          {
            "_id": null,
            "model": "fedora",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fedoraproject",
            "version": "19"
          },
          {
            "_id": null,
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0m"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "13.1"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8p"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "5.1.2"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ibm",
            "version": "2.2.1.0"
          },
          {
            "_id": null,
            "model": "database",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "11.2.0.4"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ibm",
            "version": "2.2.1.7"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "_id": null,
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8d"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1b"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "6.0.4"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8z"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "6.1.5"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.10.1"
          },
          {
            "_id": null,
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "suse linux enterprise desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "novell",
            "version": "12.0"
          },
          {
            "_id": null,
            "model": "suse linux enterprise desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "novell",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8v"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "6.1.3"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ibm",
            "version": "2.2.0.12"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1h"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ibm",
            "version": "2.2.1.3"
          },
          {
            "_id": null,
            "model": "mageia",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mageia",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0j"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ibm",
            "version": "2.2.2.5"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8zb"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1e"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ibm",
            "version": "2.2.1.4"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8e"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ibm",
            "version": "2.2.0.11"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "6.0.3"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8q"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0f"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0n"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1i"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8f"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ibm",
            "version": "2.2.0.10"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "suse linux enterprise software development kit",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "novell",
            "version": "12.0"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ibm",
            "version": "2.2.1.5"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ibm",
            "version": "2.2.2.3"
          },
          {
            "_id": null,
            "model": "enterprise linux workstation supplementary",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "suse linux enterprise desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "novell",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8g"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8l"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0e"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ibm",
            "version": "2.2.3.0"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8k"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "5.1.4"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "enterprise linux workstation supplementary",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8i"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ibm",
            "version": "2.2.2.2"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0k"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8a"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1d"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ibm",
            "version": "2.2.3.2"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "6.0.6"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop supplementary",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1c"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8r"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8t"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ibm",
            "version": "2.2.2.4"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0g"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8m"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1g"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ibm",
            "version": "2.2.0.13"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8n"
          },
          {
            "_id": null,
            "model": "enterprise linux server supplementary",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8j"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0h"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "6.1.4"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ibm",
            "version": "2.2.3.4"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "5.1.3"
          },
          {
            "_id": null,
            "model": "suse linux enterprise desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "novell",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8c"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0a"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ibm",
            "version": "2.2.3.3"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "5.2.1"
          },
          {
            "_id": null,
            "model": "mageia",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mageia",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8b"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8s"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ibm",
            "version": "2.2.2.0"
          },
          {
            "_id": null,
            "model": "database",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "12.1.0.2"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0l"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8h"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8y"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ibm",
            "version": "2.2.1.1"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ibm",
            "version": "2.2.1.6"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ibm",
            "version": "2.2.3.1"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ibm",
            "version": "2.2.1.8"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0c"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "6.1.2"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "5.2.2"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "6.1.1"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.0i"
          },
          {
            "_id": null,
            "model": "fedora",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fedoraproject",
            "version": "20"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "1.0.1a"
          },
          {
            "_id": null,
            "model": "vios",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ibm",
            "version": "2.2.2.1"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "5.1.1"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netbsd",
            "version": "6.0.2"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "hp",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.1"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.17"
          },
          {
            "_id": null,
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "windows vista service pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "20"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.12"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8f",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "fortigate",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "4.3.6"
          },
          {
            "_id": null,
            "model": "integrated lights out",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "21.16"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0d",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment 5.1.fix pack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.1.0"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.8.780"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1a",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.7"
          },
          {
            "_id": null,
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.11"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.1"
          },
          {
            "_id": null,
            "model": "meeting exchange sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "project openssl k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "rational software architect",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0g",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.5"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.1"
          },
          {
            "_id": null,
            "model": "unified contact center enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2.10"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.1.1"
          },
          {
            "_id": null,
            "model": "phaser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "78000"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.1.3"
          },
          {
            "_id": null,
            "model": "hat enterprise linux supplementary server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1.0.842"
          },
          {
            "_id": null,
            "model": "hat enterprise linux hpc node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.2.4"
          },
          {
            "_id": null,
            "model": "aura communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.3"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.5"
          },
          {
            "_id": null,
            "model": "web interface",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "ace appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "47100"
          },
          {
            "_id": null,
            "model": "aura system platform sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8w",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "aura session manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.8"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.15"
          },
          {
            "_id": null,
            "model": "operations agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "70000"
          },
          {
            "_id": null,
            "model": "wireless location appliance",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "open source",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "asterisk",
            "version": "1.8.3.1"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8m",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.6"
          },
          {
            "_id": null,
            "model": "project openssl j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "meeting exchange sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "aura application server sip core",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "53002.0"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.37"
          },
          {
            "_id": null,
            "model": "meeting exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0.0.52"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.2"
          },
          {
            "_id": null,
            "model": "meeting exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "ip office application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.5"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.2.6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3"
          },
          {
            "_id": null,
            "model": "tivoli directory server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.4"
          },
          {
            "_id": null,
            "model": "tivoli storage productivity center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.2.1"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.0.2"
          },
          {
            "_id": null,
            "model": "aura messaging",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.2"
          },
          {
            "_id": null,
            "model": "websphere process server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.4"
          },
          {
            "_id": null,
            "model": "commonstore for lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2.7"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "web interface",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8r",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8n",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.3.2"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2.0.820"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.1.1"
          },
          {
            "_id": null,
            "model": "project openssl beta4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0.0"
          },
          {
            "_id": null,
            "model": "rational policy tester",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "websphere lombardi edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.1"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "_id": null,
            "model": "project openssl beta5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0.0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.23"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.3.1"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.13"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2.6"
          },
          {
            "_id": null,
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "meeting exchange sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8p",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.15"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.1.1"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2.1.830"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.31"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.14"
          },
          {
            "_id": null,
            "model": "web experience factory",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "network collector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "esxi",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "networks sa2000",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.9"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.13"
          },
          {
            "_id": null,
            "model": "directory pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cosmicperl",
            "version": "10.0.3"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.15"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.7.770"
          },
          {
            "_id": null,
            "model": "meeting exchange sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.03"
          },
          {
            "_id": null,
            "model": "web interface",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "4.5.1"
          },
          {
            "_id": null,
            "model": "tivoli storage productivity center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.2.1.185"
          },
          {
            "_id": null,
            "model": "aura messaging",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8q",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.8"
          },
          {
            "_id": null,
            "model": "aura session manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "networks sa6500 fips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "windows server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003x64"
          },
          {
            "_id": null,
            "model": "iq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "aura presence services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.10.800"
          },
          {
            "_id": null,
            "model": "ssl for openvms",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.4-453"
          },
          {
            "_id": null,
            "model": "windows server r2 for x64-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.0"
          },
          {
            "_id": null,
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.1.5"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.1c",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "cics transaction gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.3.5"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.17"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8v"
          },
          {
            "_id": null,
            "model": "websphere lombardi edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.7"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.2.5"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.0.1"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.27"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "windows server for x64-based systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8g",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "meeting exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.5"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.1.2"
          },
          {
            "_id": null,
            "model": "meeting exchange sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2.0.860"
          },
          {
            "_id": null,
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.2"
          },
          {
            "_id": null,
            "model": "project openssl beta2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.13"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.6"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.0"
          },
          {
            "_id": null,
            "model": "runtimes for java technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.11",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.19"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6"
          },
          {
            "_id": null,
            "model": "networks sa6000 fips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "0"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0.0.840"
          },
          {
            "_id": null,
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop supplementary client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.25"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.5"
          },
          {
            "_id": null,
            "model": "aura system manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.116"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8l",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.3.740"
          },
          {
            "_id": null,
            "model": "rational software architect",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.5.5.2"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.6"
          },
          {
            "_id": null,
            "model": "windows server itanium sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "ediscovery analyzer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.2.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2.1"
          },
          {
            "_id": null,
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.3"
          },
          {
            "_id": null,
            "model": "aura session manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2.5"
          },
          {
            "_id": null,
            "model": "hat enterprise linux workstation supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0i",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "web interface",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "meeting exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.2"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.23",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "tivoli directory server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "web interface",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.9"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment intirim fix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.133"
          },
          {
            "_id": null,
            "model": "iq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1.1"
          },
          {
            "_id": null,
            "model": "network automation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.10"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.3"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0e",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "rational method composer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "project openssl beta1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "meeting exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "aura communication manager utility services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.2"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.4"
          },
          {
            "_id": null,
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "tivoli directory server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "version control agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.4"
          },
          {
            "_id": null,
            "model": "sitescope",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.2.1"
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "ssl for openvms",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.4"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2.2.835"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.1"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.35"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8x"
          },
          {
            "_id": null,
            "model": "communication server 1000m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.1.4"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.1.3"
          },
          {
            "_id": null,
            "model": "tivoli directory server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8t",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.39"
          },
          {
            "_id": null,
            "model": "tivoli netcool/omnibus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.3"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.1.4"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.2"
          },
          {
            "_id": null,
            "model": "communication server 1000m signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.3"
          },
          {
            "_id": null,
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.5"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux hpc node optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "communication server 1000e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "tivoli netcool performance manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "network automation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0c",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "forticlient",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.5.760"
          },
          {
            "_id": null,
            "model": "web interface",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "4.6"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.1"
          },
          {
            "_id": null,
            "model": "fortigate",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "4.3.5"
          },
          {
            "_id": null,
            "model": "rational software architect",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.3"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.4.27"
          },
          {
            "_id": null,
            "model": "phaser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "67000"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "telepresence video communication server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6"
          },
          {
            "_id": null,
            "model": "rational team concert",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.1.2"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0f",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "windows for 32-bit systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "_id": null,
            "model": "windows server for itanium-based systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "_id": null,
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "windows for x64-based systems sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "7"
          },
          {
            "_id": null,
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "tivoli management framework",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.1.1"
          },
          {
            "_id": null,
            "model": "web interface",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "windows server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2003"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.0.2"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.1.730"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.0.2"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0j",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0b",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.21"
          },
          {
            "_id": null,
            "model": "aura presence services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "sitescope",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "11.10"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.6"
          },
          {
            "_id": null,
            "model": "windows server for 32-bit systems sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "microsoft",
            "version": "2008"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "tivoli business service manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.2.1"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.11"
          },
          {
            "_id": null,
            "model": "operations agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "11.01"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.2"
          },
          {
            "_id": null,
            "model": "aura system manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "network node manager i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.03"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0.1"
          },
          {
            "_id": null,
            "model": "aura system manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.31",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.7"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.19"
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "communication server 1000m signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "aura experience portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "project openssl beta3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "ipad",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "communication server 1000e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.5"
          },
          {
            "_id": null,
            "model": "hat enterprise linux hpc node supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "web interface",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.3"
          },
          {
            "_id": null,
            "model": "websphere mq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.1.5"
          },
          {
            "_id": null,
            "model": "aura session manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.3.4"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.1"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "11.31"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "web interface",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "aura session manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.1"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2.8"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.03"
          },
          {
            "_id": null,
            "model": "performance manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.00"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.0.4"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "aura presence services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.1"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.0.1"
          },
          {
            "_id": null,
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "5"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "network analysis module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ip office application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "web experience factory",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.1"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.17"
          },
          {
            "_id": null,
            "model": "network node manager i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.02"
          },
          {
            "_id": null,
            "model": "rational software architect",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.19"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.2"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.1"
          },
          {
            "_id": null,
            "model": "hat enterprise linux workstation optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.4"
          },
          {
            "_id": null,
            "model": "network node manager i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.00"
          },
          {
            "_id": null,
            "model": "cics transaction gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.9"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager for os deployment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.3"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.2.8"
          },
          {
            "_id": null,
            "model": "web interface",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "5.4"
          },
          {
            "_id": null,
            "model": "lotus domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.2.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.8"
          },
          {
            "_id": null,
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.3.3"
          },
          {
            "_id": null,
            "model": "communication server 1000e signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "11.11"
          },
          {
            "_id": null,
            "model": "aura messaging",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.4"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8o",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.7"
          },
          {
            "_id": null,
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "aura system platform sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.2"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.0"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.1"
          },
          {
            "_id": null,
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "6"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "runtimes for java technology",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.1"
          },
          {
            "_id": null,
            "model": "aura communication manager utility services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2.9"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "tivoli provisioning manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.1.1.1"
          },
          {
            "_id": null,
            "model": "hat enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "_id": null,
            "model": "tivoli common reporting",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "project openssl 0.9.8s",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "aura communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1.0.841"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop workstation client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "rational clearquest",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2"
          },
          {
            "_id": null,
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.6"
          },
          {
            "_id": null,
            "model": "communication server 1000e signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.2"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.2.7"
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.37"
          },
          {
            "_id": null,
            "model": "web interface",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.4"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.1.5"
          },
          {
            "_id": null,
            "model": "iq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5"
          },
          {
            "_id": null,
            "model": "emergency responder",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.021"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.1"
          },
          {
            "_id": null,
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "9000"
          },
          {
            "_id": null,
            "model": "communication server 1000m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "rational clearcase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.1.2.2"
          },
          {
            "_id": null,
            "model": "communication server 1000e signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.7.770"
          },
          {
            "_id": null,
            "model": "aura communication manager utility services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "8.0.0.0"
          },
          {
            "_id": null,
            "model": "iq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "nexus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "30000"
          },
          {
            "_id": null,
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "communication server 1000m signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "asset manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.4.750"
          },
          {
            "_id": null,
            "model": "aura application server sip core",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "53002.1"
          },
          {
            "_id": null,
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "communication server 1000e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.2"
          },
          {
            "_id": null,
            "model": "project openssl 1.0.0a",
            "scope": null,
            "trust": 0.3,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": "communication server 1000m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "version control repository manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.9.790"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "70574"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-3566"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "HP",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "137294"
          },
          {
            "db": "PACKETSTORM",
            "id": "129266"
          },
          {
            "db": "PACKETSTORM",
            "id": "130334"
          },
          {
            "db": "PACKETSTORM",
            "id": "128921"
          },
          {
            "db": "PACKETSTORM",
            "id": "136577"
          },
          {
            "db": "PACKETSTORM",
            "id": "129071"
          },
          {
            "db": "PACKETSTORM",
            "id": "129065"
          }
        ],
        "trust": 0.7
      },
      "cve": "CVE-2014-3566",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2014-3566",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "VHN-71506",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 3.4,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 1.6,
                "id": "CVE-2014-3566",
                "impactScore": 1.4,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
                "version": "3.1"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2014-3566",
                "trust": 1.0,
                "value": "LOW"
              },
              {
                "author": "VULHUB",
                "id": "VHN-71506",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2014-3566",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-71506"
          },
          {
            "db": "VULMON",
            "id": "CVE-2014-3566"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-3566"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the \"POODLE\" issue. OpenSSL is prone to an information disclosure vulnerability. \nAn attacker can exploit this issue to perform man-in-the-middle attacks and obtain sensitive information. Successful exploits will lead to other attacks. \nThe following versions are vulnerable:\nOpenSSL 0.9.8 prior to 0.9.8zc\nOpenSSL 1.0.0 prior to 1.0.0o\nOpenSSL 1.0.1 prior to 1.0.1j. SSL protocol is the abbreviation of Secure Socket Layer protocol (Secure Socket Layer) developed by Netscape, which provides security and data integrity guarantee for Internet communication. The vulnerability is caused by the program\u0027s use of non-deterministic CBC padding. OpenSSL Security Advisory [15 Oct 2014]\n=======================================\n\nSRTP Memory Leak (CVE-2014-3513)\n================================\n\nSeverity: High\n\nA flaw in the DTLS SRTP extension parsing code allows an attacker, who\nsends a carefully crafted handshake message, to cause OpenSSL to fail\nto free up to 64k of memory causing a memory leak. This could be\nexploited in a Denial Of Service attack. This issue affects OpenSSL\n1.0.1 server implementations for both SSL/TLS and DTLS regardless of\nwhether SRTP is used or configured. Implementations of OpenSSL that\nhave been compiled with OPENSSL_NO_SRTP defined are not affected. \n\nThis issue was reported to OpenSSL on 26th September 2014, based on an original\nissue and patch developed by the LibreSSL project. Further analysis of the issue\nwas performed by the OpenSSL team. \n\nThe fix was developed by the OpenSSL team. \n\n\nSession Ticket Memory Leak (CVE-2014-3567)\n==========================================\n\nSeverity: Medium\n\nWhen an OpenSSL SSL/TLS/DTLS server receives a session ticket the\nintegrity of that ticket is first verified. In the event of a session\nticket integrity check failing, OpenSSL will fail to free memory\ncausing a memory leak. By sending a large number of invalid session\ntickets an attacker could exploit this issue in a Denial Of Service\nattack. \n\nThis issue was reported to OpenSSL on 8th October 2014. \n\nThe fix was developed by Stephen Henson of the OpenSSL core team. \n\n\nSSL 3.0 Fallback protection\n===========================\n\nSeverity: Medium\n\nOpenSSL has added support for TLS_FALLBACK_SCSV to allow applications\nto block the ability for a MITM attacker to force a protocol\ndowngrade. \n\nSome client applications (such as browsers) will reconnect using a\ndowngraded protocol to work around interoperability bugs in older\nservers. This could be exploited by an active man-in-the-middle to\ndowngrade connections to SSL 3.0 even if both sides of the connection\nsupport higher protocols. SSL 3.0 contains a number of weaknesses\nincluding POODLE (CVE-2014-3566). \n\nhttps://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00\nhttps://www.openssl.org/~bodo/ssl-poodle.pdf\n\nSupport for TLS_FALLBACK_SCSV was developed by Adam Langley and Bodo Moeller. \n\n\nBuild option no-ssl3 is incomplete (CVE-2014-3568)\n==================================================\n\nSeverity: Low\n\nWhen OpenSSL is configured with \"no-ssl3\" as a build option, servers\ncould accept and complete a SSL 3.0 handshake, and clients could be\nconfigured to send them. \n\nThis issue was reported to OpenSSL by Akamai Technologies on 14th October 2014. \n\nThe fix was developed by Akamai and the OpenSSL team. \n\n\nReferences\n==========\n\nURL for this Security Advisory:\nhttps://www.openssl.org/news/secadv_20141015.txt\n\nNote: the online version of the advisory may be updated with additional\ndetails over time. \n\nFor details of OpenSSL severity classifications please see:\nhttps://www.openssl.org/about/secpolicy.html\n\n. \nThe following firmware versions of Virtual Connect (VC) are impacted:\n\nHPE BladeSystem c-Class Virtual Connect (VC) Firmware 4.30 through VC 4.45\nHPE BladeSystem c-Class Virtual Connect (VC) Firmware 3.62 through VC 4.21\n\nNote: Firmware versions 3.62 through 4.21 are not impacted by CVE-2016-0800,\nCVE-2015-3194, CVE-2014-3566, CVE-2015-0705, CVE-2016-0799, and\nCVE-2016-2842. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201507-14\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                           https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: Oracle JRE/JDK: Multiple vulnerabilities\n     Date: July 10, 2015\n     Bugs: #537214\n       ID: 201507-14\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Oracle JRE/JDK, allowing\nboth local and remote attackers to compromise various Java components. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n======\n\nAn context-dependent attacker may be able to influence the\nconfidentiality, integrity, and availability of Java\napplications/runtime. \n\nWorkaround\n==========\n\nThere is no workaround at this time. \n\nResolution\n==========\n\nAll Oracle JRE 8 users should upgrade to the latest stable version:\n\u003ccode\u003e\n# emerge --sync\n# emerge --ask --oneshot --verbose \"\u003e=dev-java/oracle-jre-bin-1.8.0.31\n\nAll Oracle JDK 8 users should upgrade to the latest stable version:\n\u003ccode\u003e\n# emerge --sync\n# emerge --ask --oneshot --verbose \"\u003e=dev-java/oracle-jdk-bin-1.8.0.31\n\nAll Oracle JRE 7 users should upgrade to the latest version:\n\u003ccode\u003e\n# emerge --sync\n# emerge --ask --oneshot --verbose \"\u003e=dev-java/oracle-jre-bin-1.7.0.76\n\nAll Oracle JDK 7 users should upgrade to the latest stable version:\n\u003ccode\u003e\n# emerge --sync\n# emerge --ask --oneshot --verbose \"\u003e=dev-java/oracle-jdk-bin-1.7.0.76\n\nReferences\n==========\n\n[  1 ] CVE-2014-3566\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3566\n[  2 ] CVE-2014-6549\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6549\n[  3 ] CVE-2014-6585\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6585\n[  4 ] CVE-2014-6587\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6587\n[  5 ] CVE-2014-6591\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6591\n[  6 ] CVE-2014-6593\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6593\n[  7 ] CVE-2014-6601\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-6601\n[  8 ] CVE-2015-0383\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0383\n[  9 ] CVE-2015-0395\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0395\n[ 10 ] CVE-2015-0400\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0400\n[ 11 ] CVE-2015-0403\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0403\n[ 12 ] CVE-2015-0406\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0406\n[ 13 ] CVE-2015-0407\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0407\n[ 14 ] CVE-2015-0408\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0408\n[ 15 ] CVE-2015-0410\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0410\n[ 16 ] CVE-2015-0412\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0412\n[ 17 ] CVE-2015-0413\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0413\n[ 18 ] CVE-2015-0421\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0421\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201507-14\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2015 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n\n  HP CMS: UCMDB Browser all supported versions. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Critical: java-1.7.0-ibm security update\nAdvisory ID:       RHSA-2014:1876-01\nProduct:           Red Hat Enterprise Linux Supplementary\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2014-1876.html\nIssue date:        2014-11-19\nCVE Names:         CVE-2014-3065 CVE-2014-3566 CVE-2014-4288 \n                   CVE-2014-6456 CVE-2014-6457 CVE-2014-6458 \n                   CVE-2014-6476 CVE-2014-6492 CVE-2014-6493 \n                   CVE-2014-6502 CVE-2014-6503 CVE-2014-6506 \n                   CVE-2014-6511 CVE-2014-6512 CVE-2014-6515 \n                   CVE-2014-6527 CVE-2014-6531 CVE-2014-6532 \n                   CVE-2014-6558 \n=====================================================================\n\n1. Summary:\n\nUpdated java-1.7.0-ibm packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5 Supplementary. \n\nRed Hat Product Security has rated this update as having Critical security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64\n\n3. Description:\n\nIBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM\nJava Software Development Kit. \n\nThis update fixes several vulnerabilities in the IBM Java Runtime\nEnvironment and the IBM Java Software Development Kit. Detailed\nvulnerability descriptions are linked from the IBM Security alerts\npage, listed in the References section. (CVE-2014-3065, CVE-2014-3566,\nCVE-2014-4288, CVE-2014-6456, CVE-2014-6457, CVE-2014-6458, CVE-2014-6476,\nCVE-2014-6492, CVE-2014-6493, CVE-2014-6502, CVE-2014-6503, CVE-2014-6506,\nCVE-2014-6511, CVE-2014-6512, CVE-2014-6515, CVE-2014-6527, CVE-2014-6531,\nCVE-2014-6532, CVE-2014-6558)\n\nThe CVE-2014-6512 issue was discovered by Florian Weimer of Red Hat\nProduct Security. \n\nNote: With this update, the IBM SDK now disables the SSL 3.0 protocol to\naddress the CVE-2014-3566 issue (also known as POODLE). Refer to the IBM\narticle linked to in the References section for additional details about\nthis change and instructions on how to re-enable SSL 3.0 support if needed. \n\nAll users of java-1.7.0-ibm are advised to upgrade to these updated\npackages, containing the IBM Java SE 7 SR8 release. All running instances\nof IBM Java must be restarted for the update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1071210 - CVE-2014-6512 OpenJDK: DatagramSocket connected socket missing source check (Libraries, 8039509)\n1150155 - CVE-2014-6506 OpenJDK: insufficient permission checks when setting resource bundle on system logger (Libraries, 8041564)\n1150651 - CVE-2014-6531 OpenJDK: insufficient ResourceBundle name check (Libraries, 8044274)\n1150669 - CVE-2014-6502 OpenJDK: LogRecord use of incorrect CL when loading ResourceBundle (Libraries, 8042797)\n1151046 - CVE-2014-6457 OpenJDK: Triple Handshake attack against TLS/SSL connections (JSSE, 8037066)\n1151063 - CVE-2014-6558 OpenJDK: CipherInputStream incorrect exception handling (Security, 8037846)\n1151517 - CVE-2014-6511 ICU: Layout Engine ContextualSubstitution missing boundary checks (JDK 2D, 8041540)\n1152756 - CVE-2014-6532 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152757 - CVE-2014-6503 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152758 - CVE-2014-6456 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)\n1152759 - CVE-2014-6492 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152760 - CVE-2014-6493 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152761 - CVE-2014-4288 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152763 - CVE-2014-6458 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152765 - CVE-2014-6476 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)\n1152766 - CVE-2014-6515 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)\n1152767 - CVE-2014-6527 Oracle JDK: unspecified vulnerability fixed in 7u71 and 8u25 (Deployment)\n1152789 - CVE-2014-3566 SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack\n1162554 - CVE-2014-3065 IBM JDK: privilege escalation via shared class cache\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm\n\nx86_64:\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm\n\nppc:\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.ppc.rpm\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.ppc64.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.ppc.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.ppc64.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.ppc.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.ppc64.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.ppc.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.ppc64.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.ppc.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.ppc.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.ppc64.rpm\n\ns390x:\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.s390.rpm\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.s390x.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.s390.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.s390x.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.s390.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.s390x.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.s390.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.s390x.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.s390.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.s390x.rpm\n\nx86_64:\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-demo-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-devel-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-jdbc-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-plugin-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.i386.rpm\njava-1.7.0-ibm-src-1.7.0.8.0-1jpp.1.el5.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-3065\nhttps://access.redhat.com/security/cve/CVE-2014-3566\nhttps://access.redhat.com/security/cve/CVE-2014-4288\nhttps://access.redhat.com/security/cve/CVE-2014-6456\nhttps://access.redhat.com/security/cve/CVE-2014-6457\nhttps://access.redhat.com/security/cve/CVE-2014-6458\nhttps://access.redhat.com/security/cve/CVE-2014-6476\nhttps://access.redhat.com/security/cve/CVE-2014-6492\nhttps://access.redhat.com/security/cve/CVE-2014-6493\nhttps://access.redhat.com/security/cve/CVE-2014-6502\nhttps://access.redhat.com/security/cve/CVE-2014-6503\nhttps://access.redhat.com/security/cve/CVE-2014-6506\nhttps://access.redhat.com/security/cve/CVE-2014-6511\nhttps://access.redhat.com/security/cve/CVE-2014-6512\nhttps://access.redhat.com/security/cve/CVE-2014-6515\nhttps://access.redhat.com/security/cve/CVE-2014-6527\nhttps://access.redhat.com/security/cve/CVE-2014-6531\nhttps://access.redhat.com/security/cve/CVE-2014-6532\nhttps://access.redhat.com/security/cve/CVE-2014-6558\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://www.ibm.com/developerworks/java/jdk/alerts/\nhttps://www-01.ibm.com/support/docview.wss?uid=swg21688165\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFUbOWGXlSAg2UNWIIRAhPmAJ96YO5JFEg4GS1MkDIeXQkRxbN0hACgoUiY\nehbScogUJnSordhBH11LgWQ=\n=ko7F\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nftp://ssl098zc:Secure12@ftp.usa.hp.com\n\nUser name: ssl098zc Password: (NOTE: Case sensitive) Secure12\n\nHP-UX Release\n HP-UX OpenSSL version\n\nB.11.11 (11i v1)\n A.00.09.08zc.001_HP-UX_B.11.11_32+64.depot\n\nB.11.23 (11i v2)\n A.00.09.08zc.002_HP-UX_B.11.23_IA-PA.depot\n\nB.11.31 (11i v3)\n A.00.09.08zc.003_HP-UX_B.11.31_IA-PA.depot\n\nMANUAL ACTIONS: Yes - Update\n\nInstall OpenSSL A.00.09.08zc or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nThe update is available from HPE Software Depot: https://h20392.www2.hpe.com/\nportal/swdepot/displayProductInfo.do?productNumber=HPVPRhttps://www.hpe.com\n\nNote: HPE recommends customers using OV4VC 7.8.1 and earlier should upgrade\nto OV4VC 7.8.2. This addresses all SSL security vulnerabilities reported\nthrough March 28, 2016. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c04496538\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04496538\nVersion: 1\n\nHPSBGN03164 rev.1 - HP IceWall SSO Dfw, SSO Certd and MCRP running OpenSSL,\nRemote Disclosure of Information\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2014-11-10\nLast Updated: 2014-11-10\n\nPotential Security Impact: Remote disclosure of information\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with HP IceWall SSO\nDfw , SSO Certd, and MCRP running OpenSSL. \n\nThis is the SSLv3 vulnerability known as \"Padding Oracle on Downgraded Legacy\nEncryption\" or \"Poodle\", which could be exploited remotely resulting in\ndisclosure of information.. \n\nReferences: CVE-2014-3566 (SSRT101789)\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n  - HP IceWall MCRP v2.1, v3.0\n  - HP IceWall SSO Dfw v8.0, v8.0 R1, v8.0 R2, v8.0 R3, and v10.0\n  - HP IceWall SSO Certd v8.0R3 with DB plugin patch 2 and v10.0\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n  Reference              Base Vector             Base Score\nCVE-2014-3566    (AV:N/AC:M/Au:N/C:P/I:N/A:N)       4.3\n===========================================================\n             Information on CVSS is documented\n            in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP recommends the following software updates and workaround instructions to\nresolve this vulnerability for HP IceWall SSO Dfw, SSO Certd, and MCRP. \n\n  The software updates are available at:\n\n     http://www.hp.com/jp/icewall_patchaccess\n\n  Notes:\n\n    - There are no updates or mitigations for MCRP 2.1 and Dfw\n8.0/8.0R1/8.0R2/8.0R3. \n    - HP recommends updating these older versions to the latest versions and\npatches and then following the WORKAROUND INSTRUCTIONS below. \n    - The WORKAROUND INSTRUCTIONS should be followed after applying the\nfollowing updates. \n\n  Software Update Versions\n\n    HP IceWall MCRP 3.0 Patch release 1\n\n    HP IceWall SSO Dfw 10.0 Patch release 7\n\n  Note: Both software update versions provide the use of TLSv1 which is not\nvulnerable and available for each supported platform. \n\nWORKAROUND INSTRUCTIONS\n\n  HP recommends the following information to protect against potential risk\nfor the following HP IceWall products. \n\n    HP IceWall SSO Dfw and MCRP\n\n      - If possible, do not use the SHOST setting which allows IceWall SSO\nDfw or MCRP to use SSL/TLS protocol to back-end web servers. \n\n      - The following steps should be applied if SSL/TLS protocol to back-end\nweb servers must be used:\n\n        o For MCRP: apply MCRP patch release 1\n        o For Dfw: apply Dfw patch release 7 or later\n        o Set SSL_PROTOCOL parameter to TLSv1\n\n    HP IceWall SSO Certd\n\n      - For Certd version 10.0 and 8.0R3: apply DB plugin patch release 2\n\n      - If possible, do not use the LDAPSSL setting which allows IceWall SSO\nCertd to connect to the LDAP server using SSL/TLS protocol. \n\n      - If SSL/TLS protocol must be used to LDAP server, configure the LDAP\nserver to use only TLSv1 as a mitigation for the vulnerability. For example,\non an OpenLDAP server (slapd), Set the TLSProtocolMin parameter. \n\nNote: The HP IceWall product is only available in Japan. \n\nHISTORY\nVersion:1 (rev.1) - 10 November 2014 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel.  For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttps://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2014 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \n\nHP SiteScope 11.1x\nHP SiteScope 11.2x\n\nImportant note: HP SiteScope is impacted if and only if it is configured to\nwork over secure channel (HTTPS). This protocol is now disabled by default. \n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 1.4.31-4+deb7u4. \n\nWe recommend that you upgrade your lighttpd packages",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-3566"
          },
          {
            "db": "BID",
            "id": "70574"
          },
          {
            "db": "VULHUB",
            "id": "VHN-71506"
          },
          {
            "db": "VULMON",
            "id": "CVE-2014-3566"
          },
          {
            "db": "PACKETSTORM",
            "id": "169664"
          },
          {
            "db": "PACKETSTORM",
            "id": "137294"
          },
          {
            "db": "PACKETSTORM",
            "id": "132641"
          },
          {
            "db": "PACKETSTORM",
            "id": "129266"
          },
          {
            "db": "PACKETSTORM",
            "id": "129178"
          },
          {
            "db": "PACKETSTORM",
            "id": "130334"
          },
          {
            "db": "PACKETSTORM",
            "id": "128921"
          },
          {
            "db": "PACKETSTORM",
            "id": "136577"
          },
          {
            "db": "PACKETSTORM",
            "id": "129071"
          },
          {
            "db": "PACKETSTORM",
            "id": "129065"
          },
          {
            "db": "PACKETSTORM",
            "id": "135908"
          }
        ],
        "trust": 2.34
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-71506",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-71506"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2014-3566",
            "trust": 2.6
          },
          {
            "db": "BID",
            "id": "70574",
            "trust": 1.4
          },
          {
            "db": "ICS CERT",
            "id": "ICSMA-18-058-02",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "61130",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "61995",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "60792",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "61019",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "61316",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "61827",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "61782",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "60056",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "61810",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "61819",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "61825",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "60206",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "61303",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "61359",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "61345",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "59627",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "60859",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "61926",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1031120",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1031106",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1031124",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1031091",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1031095",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1031088",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1031093",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1031105",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1031094",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1031087",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1031090",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1031107",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1031132",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1031085",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1031039",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1031096",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1031131",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1031029",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1031123",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1031086",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1031130",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1031092",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1031089",
            "trust": 1.1
          },
          {
            "db": "USCERT",
            "id": "TA14-290A",
            "trust": 1.1
          },
          {
            "db": "MCAFEE",
            "id": "SB10091",
            "trust": 1.1
          },
          {
            "db": "MCAFEE",
            "id": "SB10104",
            "trust": 1.1
          },
          {
            "db": "MCAFEE",
            "id": "SB10090",
            "trust": 1.1
          },
          {
            "db": "CERT/CC",
            "id": "VU#577193",
            "trust": 1.1
          },
          {
            "db": "JUNIPER",
            "id": "JSA10705",
            "trust": 1.1
          },
          {
            "db": "PACKETSTORM",
            "id": "128921",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "129065",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "129266",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "132641",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "136577",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "130334",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "129071",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "135908",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "131009",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "130184",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "131051",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "128838",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "130217",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "130296",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "129150",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "132084",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "132573",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "131354",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "128969",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "132469",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "128669",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "128866",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "129265",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "129217",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "136599",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "133640",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "129263",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "129614",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "130759",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "131011",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "139063",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "128863",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "130332",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "128730",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "130298",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "131690",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "128770",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "130125",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "128732",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "128733",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "130816",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "129528",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "130052",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "129294",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "132470",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "133836",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "129242",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "129401",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "130304",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "130549",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "129427",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "130085",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "131008",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "137652",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "130046",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "130086",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "128769",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "130141",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "131535",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "130181",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "133368",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "132942",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "130070",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "129318",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "132965",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "131790",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "130818",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "130817",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "128771",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "130050",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "133600",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "130072",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "129120",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "129426",
            "trust": 0.1
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-267",
            "trust": 0.1
          },
          {
            "db": "SEEBUG",
            "id": "SSVID-92692",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-71506",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2014-3566",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "169664",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "137294",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "129178",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-71506"
          },
          {
            "db": "VULMON",
            "id": "CVE-2014-3566"
          },
          {
            "db": "BID",
            "id": "70574"
          },
          {
            "db": "PACKETSTORM",
            "id": "169664"
          },
          {
            "db": "PACKETSTORM",
            "id": "137294"
          },
          {
            "db": "PACKETSTORM",
            "id": "132641"
          },
          {
            "db": "PACKETSTORM",
            "id": "129266"
          },
          {
            "db": "PACKETSTORM",
            "id": "129178"
          },
          {
            "db": "PACKETSTORM",
            "id": "130334"
          },
          {
            "db": "PACKETSTORM",
            "id": "128921"
          },
          {
            "db": "PACKETSTORM",
            "id": "136577"
          },
          {
            "db": "PACKETSTORM",
            "id": "129071"
          },
          {
            "db": "PACKETSTORM",
            "id": "129065"
          },
          {
            "db": "PACKETSTORM",
            "id": "135908"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-3566"
          }
        ]
      },
      "id": "VAR-201410-1418",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-71506"
          }
        ],
        "trust": 0.5931986333333333
      },
      "last_update_date": "2026-04-10T23:34:59.740000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "Debian Security Advisories: DSA-3489-1 lighttpd -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=dcb828f6dad683ea0da76b6c62cde0ea"
          },
          {
            "title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03360 rev.5 - HP LaserJet Printers and MFPs, HP OfficeJet Printers and MFPs, and HP JetDirect Networking cards using OpenSSL, Remote Disclosure of Information",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=4545b8bd124b33fa1434a34c59003fd5"
          },
          {
            "title": "HP: HPSBPI03360 rev.5 - HP LaserJet Printers and MFPs, HP OfficeJet Printers and MFPs, and HP JetDirect Networking cards using OpenSSL, Remote Disclosure of Information",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBPI03360"
          },
          {
            "title": "Debian CVElist Bug Report Logs: Not possible to disable SSLv3",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=cd46735759deed658e1e15bd89794f91"
          },
          {
            "title": "Amazon Linux AMI: ALAS-2014-426",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2014-426"
          },
          {
            "title": "Red Hat: CVE-2014-3566",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2014-3566"
          },
          {
            "title": "Amazon Linux AMI: ALAS-2014-429",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2014-429"
          },
          {
            "title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03360 rev.5 - HP LaserJet Printers and MFPs, HP OfficeJet Printers and MFPs, and HP JetDirect Networking cards using OpenSSL, Remote Disclosure of Information",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=9e10ca91834a4f14416f4e75e776c6b6"
          },
          {
            "title": "Red Hat: Important: java-1.6.0-openjdk security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150085 - Security Advisory"
          },
          {
            "title": "Red Hat: Critical: java-1.7.0-openjdk security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150067 - Security Advisory"
          },
          {
            "title": "Debian Security Advisories: DSA-3253-1 pound -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=ad76a2fc91623114f1aaa478b7ecbe12"
          },
          {
            "title": "Red Hat: Important: java-1.7.0-openjdk security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150068 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: java-1.8.0-openjdk security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150069 - Security Advisory"
          },
          {
            "title": "Red Hat: Critical: java-1.7.0-oracle security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150079 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: java-1.6.0-sun security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150086 - Security Advisory"
          },
          {
            "title": "Debian Security Advisories: DSA-3053-1 openssl -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=89bdef3607a7448566a930eca0e94cb3"
          },
          {
            "title": "Symantec Security Advisories: SA83 : SSL v3 Poodle Attack",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=3703d1b5dc42da47d311d20afe00de22"
          },
          {
            "title": "Red Hat: Critical: java-1.8.0-oracle security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150080 - Security Advisory"
          },
          {
            "title": "Cisco: SSL-TLS Implementations Cipher Block Chaining Padding Information Disclosure Vulnerability",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=Cisco-SA-20141211-CVE-2014-8730"
          },
          {
            "title": "Debian CVElist Bug Report Logs: asterisk: CVE-2014-9374",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=5ec9c01ff2551bc64f61573dcb290621"
          },
          {
            "title": "Citrix Security Bulletins: CVE-2014-3566 - Citrix Security Advisory for SSLv3 Protocol Flaw",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=510bf83b7458a7704870eecdfadf5704"
          },
          {
            "title": "Debian CVElist Bug Report Logs: CVE-2014-8418 CVE-2014-8412 CVE-2014-8414 CVE-2014-8417",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=ea75db152315222e9fc0490c8b65fb98"
          },
          {
            "title": "Tenable Security Advisories: [R6] SSLv3 Protocol Vulnerability Affects Tenable Products (POODLE)",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=TNS-2014-09"
          },
          {
            "title": "Ubuntu Security Notice: openjdk-7 vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2487-1"
          },
          {
            "title": "Debian Security Advisories: DSA-3144-1 openjdk-7 -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=d750da8121d006282839ec576885794b"
          },
          {
            "title": "Red Hat: Low: Red Hat Satellite IBM Java Runtime security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20150264 - Security Advisory"
          },
          {
            "title": "Debian Security Advisories: DSA-3147-1 openjdk-6 -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=f0587b999035ec3e03b0795bc92b0a31"
          },
          {
            "title": "Ubuntu Security Notice: openjdk-6 vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2486-1"
          },
          {
            "title": "Amazon Linux AMI: ALAS-2015-480",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-480"
          },
          {
            "title": "Amazon Linux AMI: ALAS-2015-471",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-471"
          },
          {
            "title": "Huawei Security Advisories: Huawei PSIRT: Technical Analysis Report Regarding Finite State Supply Chain Assessment",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=73885f997edba4cefdd6ba9030e87bdc"
          },
          {
            "title": "mangy-beast",
            "trust": 0.1,
            "url": "https://github.com/ashmastaflash/mangy-beast "
          },
          {
            "title": "BASH_froggPoodler",
            "trust": 0.1,
            "url": "https://github.com/FroggDev/BASH_froggPoodler "
          },
          {
            "title": "lacework-kaholo-autoremediation",
            "trust": 0.1,
            "url": "https://github.com/automatecloud/lacework-kaholo-autoremediation "
          },
          {
            "title": "bouncer",
            "trust": 0.1,
            "url": "https://github.com/ggrandes/bouncer "
          },
          {
            "title": "voipnowpatches",
            "trust": 0.1,
            "url": "https://github.com/4psa/voipnowpatches "
          },
          {
            "title": "ric13351",
            "trust": 0.1,
            "url": "https://github.com/bjayesh/ric13351 "
          },
          {
            "title": "squeeze-lighttpd-poodle",
            "trust": 0.1,
            "url": "https://github.com/matjohns/squeeze-lighttpd-poodle "
          },
          {
            "title": "poodle_check",
            "trust": 0.1,
            "url": "https://github.com/rameezts/poodle_check "
          },
          {
            "title": "poodle_protector",
            "trust": 0.1,
            "url": "https://github.com/stdevel/poodle_protector "
          },
          {
            "title": "bouncer",
            "trust": 0.1,
            "url": "https://github.com/TechPorter20/bouncer "
          },
          {
            "title": "aws_poodle_fix",
            "trust": 0.1,
            "url": "https://github.com/rvaralda/aws_poodle_fix "
          },
          {
            "title": "dnsmanagerpatches",
            "trust": 0.1,
            "url": "https://github.com/4psa/dnsmanagerpatches "
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/Wanderwille/13.01 "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2014-3566"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-310",
            "trust": 1.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-71506"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-3566"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 1.2,
            "url": "https://security.gentoo.org/glsa/201507-14"
          },
          {
            "trust": 1.2,
            "url": "http://rhn.redhat.com/errata/rhsa-2014-1876.html"
          },
          {
            "trust": 1.2,
            "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21688165"
          },
          {
            "trust": 1.2,
            "url": "https://www.openssl.org/news/secadv_20141015.txt"
          },
          {
            "trust": 1.2,
            "url": "https://www.openssl.org/~bodo/ssl-poodle.pdf"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1031029"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1031039"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1031085"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1031086"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1031087"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1031088"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1031089"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1031090"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1031091"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1031092"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1031093"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1031094"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1031095"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1031096"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1031105"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1031106"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1031107"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1031120"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1031123"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1031124"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1031130"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1031131"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id/1031132"
          },
          {
            "trust": 1.1,
            "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20141015-poodle"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/59627"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/60056"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/60206"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/60792"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/60859"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/61019"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/61130"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/61303"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/61316"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/61345"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/61359"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/61782"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/61810"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/61819"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/61825"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/61827"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/61926"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/61995"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/bid/70574"
          },
          {
            "trust": 1.1,
            "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html"
          },
          {
            "trust": 1.1,
            "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/533724/100/0/threaded"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/533747"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/533746"
          },
          {
            "trust": 1.1,
            "url": "http://lists.apple.com/archives/security-announce/2015/jan/msg00003.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.apple.com/archives/security-announce/2015/sep/msg00002.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.debian.org/security/2014/dsa-3053"
          },
          {
            "trust": 1.1,
            "url": "http://www.debian.org/security/2015/dsa-3144"
          },
          {
            "trust": 1.1,
            "url": "http://www.debian.org/security/2015/dsa-3147"
          },
          {
            "trust": 1.1,
            "url": "http://www.debian.org/security/2015/dsa-3253"
          },
          {
            "trust": 1.1,
            "url": "http://www.debian.org/security/2016/dsa-3489"
          },
          {
            "trust": 1.1,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-november/142330.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-october/141158.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-october/141114.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-october/169374.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-october/169361.html"
          },
          {
            "trust": 1.1,
            "url": "https://security.gentoo.org/glsa/201606-11"
          },
          {
            "trust": 1.1,
            "url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04583581"
          },
          {
            "trust": 1.1,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2014:203"
          },
          {
            "trust": 1.1,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:062"
          },
          {
            "trust": 1.1,
            "url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2014-015.txt.asc"
          },
          {
            "trust": 1.1,
            "url": "http://rhn.redhat.com/errata/rhsa-2014-1652.html"
          },
          {
            "trust": 1.1,
            "url": "http://rhn.redhat.com/errata/rhsa-2014-1653.html"
          },
          {
            "trust": 1.1,
            "url": "http://rhn.redhat.com/errata/rhsa-2014-1692.html"
          },
          {
            "trust": 1.1,
            "url": "http://rhn.redhat.com/errata/rhsa-2014-1877.html"
          },
          {
            "trust": 1.1,
            "url": "http://rhn.redhat.com/errata/rhsa-2014-1880.html"
          },
          {
            "trust": 1.1,
            "url": "http://rhn.redhat.com/errata/rhsa-2014-1881.html"
          },
          {
            "trust": 1.1,
            "url": "http://rhn.redhat.com/errata/rhsa-2014-1882.html"
          },
          {
            "trust": 1.1,
            "url": "http://rhn.redhat.com/errata/rhsa-2014-1920.html"
          },
          {
            "trust": 1.1,
            "url": "http://rhn.redhat.com/errata/rhsa-2014-1948.html"
          },
          {
            "trust": 1.1,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-0068.html"
          },
          {
            "trust": 1.1,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-0079.html"
          },
          {
            "trust": 1.1,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-0080.html"
          },
          {
            "trust": 1.1,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-0085.html"
          },
          {
            "trust": 1.1,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-0086.html"
          },
          {
            "trust": 1.1,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-0264.html"
          },
          {
            "trust": 1.1,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-0698.html"
          },
          {
            "trust": 1.1,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-1545.html"
          },
          {
            "trust": 1.1,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-1546.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00003.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.us-cert.gov/ncas/alerts/ta14-290a"
          },
          {
            "trust": 1.1,
            "url": "http://www.ubuntu.com/usn/usn-2486-1"
          },
          {
            "trust": 1.1,
            "url": "http://www.ubuntu.com/usn/usn-2487-1"
          },
          {
            "trust": 1.1,
            "url": "http://www.kb.cert.org/vuls/id/577193"
          },
          {
            "trust": 1.1,
            "url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3ccommits.cxf.apache.org%3e"
          },
          {
            "trust": 1.1,
            "url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3ccommits.cxf.apache.org%3e"
          },
          {
            "trust": 1.1,
            "url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3ccommits.cxf.apache.org%3e"
          },
          {
            "trust": 1.1,
            "url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3ccommits.cxf.apache.org%3e"
          },
          {
            "trust": 1.1,
            "url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3ccommits.cxf.apache.org%3e"
          },
          {
            "trust": 1.1,
            "url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3ccommits.cxf.apache.org%3e"
          },
          {
            "trust": 1.1,
            "url": "http://advisories.mageia.org/mgasa-2014-0416.html"
          },
          {
            "trust": 1.1,
            "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc"
          },
          {
            "trust": 1.1,
            "url": "http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566"
          },
          {
            "trust": 1.1,
            "url": "http://blog.cryptographyengineering.com/2014/10/attack-of-week-poodle.html"
          },
          {
            "trust": 1.1,
            "url": "http://blog.nodejs.org/2014/10/23/node-v0-10-33-stable/"
          },
          {
            "trust": 1.1,
            "url": "http://blogs.technet.com/b/msrc/archive/2014/10/14/security-advisory-3009008-released.aspx"
          },
          {
            "trust": 1.1,
            "url": "http://docs.ipswitch.com/moveit/dmz82/releasenotes/moveitreleasenotes82.pdf"
          },
          {
            "trust": 1.1,
            "url": "http://downloads.asterisk.org/pub/security/ast-2014-011.html"
          },
          {
            "trust": 1.1,
            "url": "http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html"
          },
          {
            "trust": 1.1,
            "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04779034"
          },
          {
            "trust": 1.1,
            "url": "http://people.canonical.com/~ubuntu-security/cve/2014/cve-2014-3566.html"
          },
          {
            "trust": 1.1,
            "url": "http://support.apple.com/ht204244"
          },
          {
            "trust": 1.1,
            "url": "http://support.citrix.com/article/ctx200238"
          },
          {
            "trust": 1.1,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021431"
          },
          {
            "trust": 1.1,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1021439"
          },
          {
            "trust": 1.1,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686997"
          },
          {
            "trust": 1.1,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687172"
          },
          {
            "trust": 1.1,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687611"
          },
          {
            "trust": 1.1,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
          },
          {
            "trust": 1.1,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299"
          },
          {
            "trust": 1.1,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/security/advisories/vmsa-2015-0003.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.websense.com/support/article/kbarticle/vulnerabilities-resolved-in-triton-apx-version-8-0"
          },
          {
            "trust": 1.1,
            "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-405500.htm"
          },
          {
            "trust": 1.1,
            "url": "https://access.redhat.com/articles/1232123"
          },
          {
            "trust": 1.1,
            "url": "https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/"
          },
          {
            "trust": 1.1,
            "url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6"
          },
          {
            "trust": 1.1,
            "url": "https://bto.bluecoat.com/security-advisory/sa83"
          },
          {
            "trust": 1.1,
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1076983"
          },
          {
            "trust": 1.1,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1152789"
          },
          {
            "trust": 1.1,
            "url": "https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip"
          },
          {
            "trust": 1.1,
            "url": "https://github.com/mpgn/poodle-poc"
          },
          {
            "trust": 1.1,
            "url": "https://groups.google.com/forum/#%21topic/docker-user/oym0i3xshju"
          },
          {
            "trust": 1.1,
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04819635"
          },
          {
            "trust": 1.1,
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05068681"
          },
          {
            "trust": 1.1,
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05157667"
          },
          {
            "trust": 1.1,
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05301946"
          },
          {
            "trust": 1.1,
            "url": "https://ics-cert.us-cert.gov/advisories/icsma-18-058-02"
          },
          {
            "trust": 1.1,
            "url": "https://puppet.com/security/cve/poodle-sslv3-vulnerability"
          },
          {
            "trust": 1.1,
            "url": "https://security.netapp.com/advisory/ntap-20141015-0001/"
          },
          {
            "trust": 1.1,
            "url": "https://support.apple.com/ht205217"
          },
          {
            "trust": 1.1,
            "url": "https://support.apple.com/kb/ht6527"
          },
          {
            "trust": 1.1,
            "url": "https://support.apple.com/kb/ht6529"
          },
          {
            "trust": 1.1,
            "url": "https://support.apple.com/kb/ht6531"
          },
          {
            "trust": 1.1,
            "url": "https://support.apple.com/kb/ht6535"
          },
          {
            "trust": 1.1,
            "url": "https://support.apple.com/kb/ht6536"
          },
          {
            "trust": 1.1,
            "url": "https://support.apple.com/kb/ht6541"
          },
          {
            "trust": 1.1,
            "url": "https://support.apple.com/kb/ht6542"
          },
          {
            "trust": 1.1,
            "url": "https://support.citrix.com/article/ctx216642"
          },
          {
            "trust": 1.1,
            "url": "https://support.lenovo.com/product_security/poodle"
          },
          {
            "trust": 1.1,
            "url": "https://support.lenovo.com/us/en/product_security/poodle"
          },
          {
            "trust": 1.1,
            "url": "https://technet.microsoft.com/library/security/3009008.aspx"
          },
          {
            "trust": 1.1,
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1015-security-advisory-7"
          },
          {
            "trust": 1.1,
            "url": "https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html"
          },
          {
            "trust": 1.1,
            "url": "https://www.dfranke.us/posts/2014-10-14-how-poodle-happened.html"
          },
          {
            "trust": 1.1,
            "url": "https://www.elastic.co/blog/logstash-1-4-3-released"
          },
          {
            "trust": 1.1,
            "url": "https://www.imperialviolet.org/2014/10/14/poodle.html"
          },
          {
            "trust": 1.1,
            "url": "https://www.suse.com/support/kb/doc.php?id=7015773"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
          },
          {
            "trust": 1.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=141628688425177\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=141879378918327\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=142624719706349\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=142805027510172\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=142660345230545\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=141697638231025\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=143558192010071\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10104"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=142804214608580\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=142103967620673\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=142496355704097\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=142624590206005\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=142721830231196\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=142607790919348\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10091"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=142546741516006\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=142350298616097\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=142357976805598\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=142495837901899\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=141703183219781\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=141577087123040\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=143039249603103\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=141813976718456\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=openssl-dev\u0026m=141333049205629\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=141450973807288\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=141775427104070\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=143290437727362\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=141715130023061\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=142350196615714\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=145983526810210\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10090"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=142296755107581\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=143558137709884\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=143290583027876\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=141814011518700\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=142791032306609\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=141694355519663\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=141477196830952\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=142350743917559\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=141697676231104\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=141577350823734\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=142624679706236\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=144101915224472\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=142624619906067"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=143101048219218\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=144294141001552\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=144251162130364\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=141620103726640\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=142721887231400\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=141450452204552\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=142962817202793\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=142354438527235\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=142740155824959\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "https://templatelab.com/ssl-poodle/"
          },
          {
            "trust": 1.0,
            "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10705"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=142624619906067\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=143628269912142\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=143290522027658\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=143290371927178\u0026w=2"
          },
          {
            "trust": 0.5,
            "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
          },
          {
            "trust": 0.5,
            "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
          },
          {
            "trust": 0.5,
            "url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3567"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3568"
          },
          {
            "trust": 0.2,
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
          },
          {
            "trust": 0.2,
            "url": "http://www.hpe.com/support/security_bulletin_archive"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0800"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2842"
          },
          {
            "trust": 0.2,
            "url": "http://www.hpe.com/support/subscriber_choice"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0799"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=141577350823734\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=141576815022399\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=141620103726640\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=141697638231025\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=141703183219781\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=141697676231104\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=141775427104070\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=141814011518700\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=141715130023061\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=141813976718456\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=142118135300698\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=142296755107581\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=142354438527235\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=142350743917559\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=142350196615714\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=142350298616097\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=142357976805598\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=142962817202793\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=143290371927178\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=144294141001552\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=145983526810210\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=141450973807288\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=142721887231400\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=142660345230545\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=142804214608580\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=141450452204552\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=141628688425177\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=141577087123040\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=141694355519663\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=141879378918327\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=143290583027876\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=143628269912142\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=143039249603103\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=142624619906067\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=142495837901899\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=143290522027658\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=142624719706349\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=143290437727362\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=142624590206005\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=142624679706236\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=142740155824959\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=142721830231196\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=142791032306609\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=144101915224472\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=142103967620673\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=143558137709884\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=143558192010071\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=142805027510172\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=142546741516006\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=144251162130364\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=141477196830952\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=143101048219218\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=142496355704097\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=142624619906067"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=142607790919348\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=openssl-dev\u0026amp;m=141333049205629\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10705"
          },
          {
            "trust": 0.1,
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10090"
          },
          {
            "trust": 0.1,
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10091"
          },
          {
            "trust": 0.1,
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10104"
          },
          {
            "trust": 0.1,
            "url": "https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00"
          },
          {
            "trust": 0.1,
            "url": "https://www.openssl.org/about/secpolicy.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3513"
          },
          {
            "trust": 0.1,
            "url": "http://h20564.www2.hpe.com/hpsc/swd/public"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3194"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0705"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-5161"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1789"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5600"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1791"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0412"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6549"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0403"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0395"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0407"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0406"
          },
          {
            "trust": 0.1,
            "url": "https://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6593"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0383"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6585"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6549"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6587"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0413"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6601"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6591"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6585"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6591"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6593"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0421"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6587"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0406"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0410"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3566"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6601"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0403"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0408"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0412"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0413"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0410"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0408"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0400"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0400"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0407"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0421"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0383"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0395"
          },
          {
            "trust": 0.1,
            "url": "https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facets"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-6531"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-6532"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6511"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#critical"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6558"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-6457"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3065"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-6493"
          },
          {
            "trust": 0.1,
            "url": "https://www.ibm.com/developerworks/java/jdk/alerts/"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-4288"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-6503"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4288"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6532"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6457"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-6512"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6531"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-3566"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-6511"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-3065"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-6458"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6527"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6502"
          },
          {
            "trust": 0.1,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6493"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6503"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-6492"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-6502"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6476"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6506"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-6558"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-6476"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6515"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-6506"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-6456"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-6515"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6456"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-6527"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6458"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6492"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6512"
          },
          {
            "trust": 0.1,
            "url": "https://www.hp.com/go/swa"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-0705"
          },
          {
            "trust": 0.1,
            "url": "https://www.hpe.com"
          },
          {
            "trust": 0.1,
            "url": "https://h20392.www2.hpe.com/"
          },
          {
            "trust": 0.1,
            "url": "http://www.hp.com/jp/icewall_patchaccess"
          },
          {
            "trust": 0.1,
            "url": "https://softwaresupport.hp.com/group/softwaresupport/search-result/-/facetsea"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/faq"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-71506"
          },
          {
            "db": "PACKETSTORM",
            "id": "169664"
          },
          {
            "db": "PACKETSTORM",
            "id": "137294"
          },
          {
            "db": "PACKETSTORM",
            "id": "132641"
          },
          {
            "db": "PACKETSTORM",
            "id": "129266"
          },
          {
            "db": "PACKETSTORM",
            "id": "129178"
          },
          {
            "db": "PACKETSTORM",
            "id": "130334"
          },
          {
            "db": "PACKETSTORM",
            "id": "128921"
          },
          {
            "db": "PACKETSTORM",
            "id": "136577"
          },
          {
            "db": "PACKETSTORM",
            "id": "129071"
          },
          {
            "db": "PACKETSTORM",
            "id": "129065"
          },
          {
            "db": "PACKETSTORM",
            "id": "135908"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-3566"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-71506",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2014-3566",
            "ident": null
          },
          {
            "db": "BID",
            "id": "70574",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "169664",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "137294",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "132641",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "129266",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "129178",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "130334",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "128921",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "136577",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "129071",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "129065",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "135908",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2014-3566",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2014-10-15T00:00:00",
            "db": "VULHUB",
            "id": "VHN-71506",
            "ident": null
          },
          {
            "date": "2014-10-15T00:00:00",
            "db": "VULMON",
            "id": "CVE-2014-3566",
            "ident": null
          },
          {
            "date": "2014-10-14T00:00:00",
            "db": "BID",
            "id": "70574",
            "ident": null
          },
          {
            "date": "2014-10-15T12:12:12",
            "db": "PACKETSTORM",
            "id": "169664",
            "ident": null
          },
          {
            "date": "2016-06-02T16:22:00",
            "db": "PACKETSTORM",
            "id": "137294",
            "ident": null
          },
          {
            "date": "2015-07-10T15:43:42",
            "db": "PACKETSTORM",
            "id": "132641",
            "ident": null
          },
          {
            "date": "2014-11-26T15:08:22",
            "db": "PACKETSTORM",
            "id": "129266",
            "ident": null
          },
          {
            "date": "2014-11-20T16:18:57",
            "db": "PACKETSTORM",
            "id": "129178",
            "ident": null
          },
          {
            "date": "2015-02-10T17:43:07",
            "db": "PACKETSTORM",
            "id": "130334",
            "ident": null
          },
          {
            "date": "2014-10-31T23:08:29",
            "db": "PACKETSTORM",
            "id": "128921",
            "ident": null
          },
          {
            "date": "2016-04-06T13:28:14",
            "db": "PACKETSTORM",
            "id": "136577",
            "ident": null
          },
          {
            "date": "2014-11-12T18:14:00",
            "db": "PACKETSTORM",
            "id": "129071",
            "ident": null
          },
          {
            "date": "2014-11-12T18:13:12",
            "db": "PACKETSTORM",
            "id": "129065",
            "ident": null
          },
          {
            "date": "2016-02-24T23:59:00",
            "db": "PACKETSTORM",
            "id": "135908",
            "ident": null
          },
          {
            "date": "2014-10-15T00:55:02.137000",
            "db": "NVD",
            "id": "CVE-2014-3566",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2023-02-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-71506",
            "ident": null
          },
          {
            "date": "2023-09-12T00:00:00",
            "db": "VULMON",
            "id": "CVE-2014-3566",
            "ident": null
          },
          {
            "date": "2015-11-03T18:53:00",
            "db": "BID",
            "id": "70574",
            "ident": null
          },
          {
            "date": "2025-04-12T10:46:40.837000",
            "db": "NVD",
            "id": "CVE-2014-3566",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "network",
        "sources": [
          {
            "db": "BID",
            "id": "70574"
          }
        ],
        "trust": 0.3
      },
      "title": {
        "_id": null,
        "data": "OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability",
        "sources": [
          {
            "db": "BID",
            "id": "70574"
          }
        ],
        "trust": 0.3
      },
      "type": {
        "_id": null,
        "data": "Design Error",
        "sources": [
          {
            "db": "BID",
            "id": "70574"
          }
        ],
        "trust": 0.3
      }
    }

    VAR-201410-1217

    Vulnerability from variot - Updated: 2026-04-10 23:34

    Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Supplementary information : CWE Vulnerability type by CWE-416: Use After Free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlService disruption by a third party (DoS) There is a possibility of being affected unspecified, such as being in a state. ------------------------------------------------------------------------ WebKitGTK+ Security Advisory WSA-2015-0002


    Date reported : December 28, 2015 Advisory ID : WSA-2015-0002 Advisory URL : http://webkitgtk.org/security/WSA-2015-0002.html CVE identifiers : CVE-2013-6663, CVE-2014-1748, CVE-2014-3192, CVE-2014-4409, CVE-2014-4410, CVE-2014-4411, CVE-2014-4412, CVE-2014-4413, CVE-2014-4414, CVE-2014-4452, CVE-2014-4459, CVE-2014-4465, CVE-2014-4466, CVE-2014-4468, CVE-2014-4469, CVE-2014-4470, CVE-2014-4471, CVE-2014-4472, CVE-2014-4473, CVE-2014-4474, CVE-2014-4475, CVE-2014-4476, CVE-2014-4477, CVE-2014-4479, CVE-2015-1068, CVE-2015-1069, CVE-2015-1070, CVE-2015-1071, CVE-2015-1072, CVE-2015-1073, CVE-2015-1074, CVE-2015-1075, CVE-2015-1076, CVE-2015-1077, CVE-2015-1080, CVE-2015-1081, CVE-2015-1082, CVE-2015-1083, CVE-2015-1084, CVE-2015-1119, CVE-2015-1120, CVE-2015-1121, CVE-2015-1122, CVE-2015-1124, CVE-2015-1126, CVE-2015-1127, CVE-2015-1152, CVE-2015-1153, CVE-2015-1154, CVE-2015-1155, CVE-2015-1156, CVE-2015-2330, CVE-2015-3658, CVE-2015-3659, CVE-2015-3660, CVE-2015-3727, CVE-2015-3730, CVE-2015-3731, CVE-2015-3732, CVE-2015-3733, CVE-2015-3734, CVE-2015-3735, CVE-2015-3736, CVE-2015-3737, CVE-2015-3738, CVE-2015-3739, CVE-2015-3740, CVE-2015-3741, CVE-2015-3742, CVE-2015-3743, CVE-2015-3744, CVE-2015-3745, CVE-2015-3746, CVE-2015-3747, CVE-2015-3748, CVE-2015-3749, CVE-2015-3750, CVE-2015-3751, CVE-2015-3752, CVE-2015-3753, CVE-2015-3754, CVE-2015-3755, CVE-2015-5788, CVE-2015-5789, CVE-2015-5790, CVE-2015-5791, CVE-2015-5792, CVE-2015-5793, CVE-2015-5794, CVE-2015-5795, CVE-2015-5797, CVE-2015-5798, CVE-2015-5799, CVE-2015-5800, CVE-2015-5801, CVE-2015-5802, CVE-2015-5803, CVE-2015-5804, CVE-2015-5805, CVE-2015-5806, CVE-2015-5807, CVE-2015-5809, CVE-2015-5810, CVE-2015-5811, CVE-2015-5812, CVE-2015-5813, CVE-2015-5814, CVE-2015-5815, CVE-2015-5816, CVE-2015-5817, CVE-2015-5818, CVE-2015-5819, CVE-2015-5822, CVE-2015-5823, CVE-2015-5825, CVE-2015-5826, CVE-2015-5827, CVE-2015-5828, CVE-2015-5928, CVE-2015-5929, CVE-2015-5930, CVE-2015-5931, CVE-2015-7002, CVE-2015-7012, CVE-2015-7013, CVE-2015-7014, CVE-2015-7048, CVE-2015-7095, CVE-2015-7097, CVE-2015-7099, CVE-2015-7100, CVE-2015-7102, CVE-2015-7103, CVE-2015-7104.

    Several vulnerabilities were discovered on WebKitGTK+.

    CVE-2013-6663 Versions affected: WebKitGTK+ before 2.4.0. Credit to Atte Kettunen of OUSPG.

    CVE-2014-1748 Versions affected: WebKitGTK+ before 2.6.0. Credit to Jordan Milne.

    CVE-2014-3192 Versions affected: WebKitGTK+ before 2.6.3. Credit to cloudfuzzer.

    CVE-2014-4409 Versions affected: WebKitGTK+ before 2.6.0. Credit to Yosuke Hasegawa (NetAgent Co., Led.). WebKit in Apple iOS before 8 makes it easier for remote attackers to track users during private browsing via a crafted web site that reads HTML5 application-cache data that had been stored during normal browsing.

    CVE-2014-4410 Versions affected: WebKitGTK+ before 2.6.0. Credit to Eric Seidel of Google.

    CVE-2014-4411 Versions affected: WebKitGTK+ before 2.6.0. Credit to Google Chrome Security Team.

    CVE-2014-4412 Versions affected: WebKitGTK+ before 2.4.0. Credit to Apple.

    CVE-2014-4413 Versions affected: WebKitGTK+ before 2.4.0. Credit to Apple.

    CVE-2014-4414 Versions affected: WebKitGTK+ before 2.4.0. Credit to Apple.

    CVE-2014-4452 Versions affected: WebKitGTK+ before 2.6.0. Credit to unknown.

    CVE-2014-4459 Versions affected: WebKitGTK+ before 2.6.2. Credit to unknown. Use-after-free vulnerability in WebKit, as used in Apple OS X before 10.10.1, allows remote attackers to execute arbitrary code via crafted page objects in an HTML document.

    CVE-2014-4465 Versions affected: WebKitGTK+ before 2.6.2. Credit to Rennie deGraaf of iSEC Partners. WebKit in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1 allows remote attackers to bypass the Same Origin Policy via crafted Cascading Style Sheets (CSS) token sequences within an SVG file in the SRC attribute of an IMG element.

    CVE-2014-4466 Versions affected: WebKitGTK+ before 2.6.2. Credit to Apple. WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.

    CVE-2014-4468 Versions affected: WebKitGTK+ before 2.6.0. Credit to Apple. WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.

    CVE-2014-4469 Versions affected: WebKitGTK+ before 2.6.4. Credit to Apple. WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.

    CVE-2014-4470 Versions affected: WebKitGTK+ before 2.6.0. Credit to Apple. WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.

    CVE-2014-4471 Versions affected: WebKitGTK+ before 2.6.0. Credit to Apple. WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.

    CVE-2014-4472 Versions affected: WebKitGTK+ before 2.6.0. Credit to Apple. WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.

    CVE-2014-4473 Versions affected: WebKitGTK+ before 2.6.0. Credit to Apple. WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.

    CVE-2014-4474 Versions affected: WebKitGTK+ before 2.6.2. Credit to Apple. WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.

    CVE-2014-4475 Versions affected: WebKitGTK+ before 2.6.0. Credit to Apple. WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1.

    CVE-2014-4476 Versions affected: WebKitGTK+ before 2.6.2. Credit to Apple. WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4477 and CVE-2014-4479.

    CVE-2014-4477 Versions affected: WebKitGTK+ before 2.6.4. Credit to lokihardt@ASRT working with HP’s Zero Day Initiative. WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4476 and CVE-2014-4479.

    CVE-2014-4479 Versions affected: WebKitGTK+ before 2.6.4. Credit to Apple. WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4476 and CVE-2014-4477.

    CVE-2015-1068 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple. WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.

    CVE-2015-1069 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple. WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.

    CVE-2015-1070 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple. WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.

    CVE-2015-1071 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple. WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.

    CVE-2015-1072 Versions affected: WebKitGTK+ before 2.8.0. Credit to unknown. WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.

    CVE-2015-1073 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple. WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.

    CVE-2015-1074 Versions affected: WebKitGTK+ before 2.6.4. Credit to Apple. WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.

    CVE-2015-1075 Versions affected: WebKitGTK+ before 2.8.0. Credit to Google Chrome Security Team. WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.

    CVE-2015-1076 Versions affected: WebKitGTK+ before 2.8.0. Credit to unknown. WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.

    CVE-2015-1077 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple. WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.

    CVE-2015-1080 Versions affected: WebKitGTK+ before 2.6.0. Credit to Apple. WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.

    CVE-2015-1081 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple. WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.

    CVE-2015-1082 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple. WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.

    CVE-2015-1083 Versions affected: WebKitGTK+ before 2.6.4. Credit to Apple. WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2015-03-17-1.

    CVE-2015-1084 Versions affected: WebKitGTK+ before 2.6.1. Credit to Apple. The user interface in WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, does not display URLs consistently, which makes it easier for remote attackers to conduct phishing attacks via a crafted URL.

    CVE-2015-1119 Versions affected: WebKitGTK+ before 2.8.0. Credit to Renata Hodovan of University of Szeged / Samsung Electronics. WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE- SA-2015-04-08-4.

    CVE-2015-1120 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple. WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE- SA-2015-04-08-4.

    CVE-2015-1121 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple. WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE- SA-2015-04-08-4.

    CVE-2015-1122 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple. WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE- SA-2015-04-08-4.

    CVE-2015-1124 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple. WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE- SA-2015-04-08-4.

    CVE-2015-1126 Versions affected: WebKitGTK+ before 2.8.0. Credit to Jouko Pynnonen of Klikki Oy. WebKit, as used in Apple iOS before 8.3 and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, does not properly handle the userinfo field in FTP URLs, which allows remote attackers to trigger incorrect resource access via unspecified vectors.

    CVE-2015-1127 Versions affected: WebKitGTK+ before 2.8.0. Credit to Tyler C (2.6.5). The private-browsing implementation in WebKit in Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 places browsing history into an index, which might allow local users to obtain sensitive information by reading index entries.

    CVE-2015-1152 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple.

    CVE-2015-1153 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple (2.6.5).

    CVE-2015-1154 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple (2.6.5).

    CVE-2015-1155 Versions affected: WebKitGTK+ before 2.10.0. Credit to Joe Vennix of Rapid7 Inc. working with HP's Zero Day Initiative. The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site.

    CVE-2015-1156 Versions affected: WebKitGTK+ before 2.8.0. Credit to Zachary Durber of Moodle. The page-loading implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, does not properly handle the rel attribute in an A element, which allows remote attackers to bypass the Same Origin Policy for a link's target, and spoof the user interface, via a crafted web site.

    CVE-2015-2330 Versions affected: WebKitGTK+ before 2.6.6. Credit to Ross Lagerwall. Late TLS certificate verification in WebKitGTK+ prior to 2.6.6 allows remote attackers to view a secure HTTP request, including, for example, secure cookies.

    CVE-2015-3658 Versions affected: WebKitGTK+ before 2.8.1. Credit to Brad Hill of Facebook. The Page Loading functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly consider redirects during decisions about sending an Origin header, which makes it easier for remote attackers to bypass CSRF protection mechanisms via a crafted web site.

    CVE-2015-3659 Versions affected: WebKitGTK+ before 2.8.3. Credit to Peter Rutenbar working with HP's Zero Day Initiative. The SQLite authorizer in the Storage functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict access to SQL functions, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site.

    CVE-2015-3660 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple. Cross-site scripting (XSS) vulnerability in the PDF functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL in embedded PDF content.

    CVE-2015-3727 Versions affected: WebKitGTK+ before 2.8.1. Credit to Peter Rutenbar working with HP's Zero Day Initiative. WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict rename operations on WebSQL tables, which allows remote attackers to access an arbitrary web site's database via a crafted web site.

    CVE-2015-3730 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple. WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE- SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

    CVE-2015-3731 Versions affected: WebKitGTK+ before 2.8.3. Credit to Apple. WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE- SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

    CVE-2015-3732 Versions affected: WebKitGTK+ before 2.8.3. Credit to Apple. WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE- SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

    CVE-2015-3733 Versions affected: WebKitGTK+ before 2.8.3. Credit to Apple. WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE- SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

    CVE-2015-3734 Versions affected: WebKitGTK+ before 2.8.3. Credit to Apple. WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE- SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

    CVE-2015-3735 Versions affected: WebKitGTK+ before 2.8.3. Credit to Apple. WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE- SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

    CVE-2015-3736 Versions affected: WebKitGTK+ before 2.8.3. Credit to Apple. WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE- SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

    CVE-2015-3737 Versions affected: WebKitGTK+ before 2.8.3. Credit to Apple. WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE- SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

    CVE-2015-3738 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple. WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE- SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

    CVE-2015-3739 Versions affected: WebKitGTK+ before 2.8.1. Credit to Apple. WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE- SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

    CVE-2015-3740 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple. WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE- SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

    CVE-2015-3741 Versions affected: WebKitGTK+ before 2.8.1. Credit to Apple. WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE- SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

    CVE-2015-3742 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple. WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE- SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

    CVE-2015-3743 Versions affected: WebKitGTK+ before 2.8.3. Credit to Apple. WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE- SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

    CVE-2015-3744 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple. WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE- SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

    CVE-2015-3745 Versions affected: WebKitGTK+ before 2.8.1. Credit to Apple. WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE- SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

    CVE-2015-3746 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple. WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE- SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

    CVE-2015-3747 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple. WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE- SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

    CVE-2015-3748 Versions affected: WebKitGTK+ before 2.8.3. Credit to Apple. WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE- SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

    CVE-2015-3749 Versions affected: WebKitGTK+ before 2.8.3. Credit to Apple. WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE- SA-2015-08-13-1 and APPLE-SA-2015-08-13-3.

    CVE-2015-3750 Versions affected: WebKitGTK+ before 2.10.0. Credit to Muneaki Nishimura (nishimunea). WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not enforce the HTTP Strict Transport Security (HSTS) protection mechanism for Content Security Policy (CSP) report requests, which allows man-in-the-middle attackers to obtain sensitive information by sniffing the network or spoof a report by modifying the client- server data stream.

    CVE-2015-3751 Versions affected: WebKitGTK+ before 2.10.0. Credit to Muneaki Nishimura (nishimunea). WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to bypass a Content Security Policy protection mechanism by using a video control in conjunction with an IMG element within an OBJECT element.

    CVE-2015-3752 Versions affected: WebKitGTK+ before 2.8.4. Credit to Muneaki Nishimura (nishimunea). The Content Security Policy implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly restrict cookie transmission for report requests, which allows remote attackers to obtain sensitive information via vectors involving (1) a cross- origin request or (2) a private-browsing request.

    CVE-2015-3753 Versions affected: WebKitGTK+ before 2.8.3. Credit to Antonio Sanso and Damien Antipa of Adobe. WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly perform taint checking for CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive image data by leveraging a redirect to a data:image resource.

    CVE-2015-3754 Versions affected: WebKitGTK+ before 2.10.0. Credit to Dongsung Kim (@kid1ng). The private-browsing implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8 does not prevent caching of HTTP authentication credentials, which makes it easier for remote attackers to track users via a crafted web site.

    CVE-2015-3755 Versions affected: WebKitGTK+ before 2.10.0. Credit to xisigr of Tencent's Xuanwu Lab. WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to spoof the user interface via a malformed URL.

    CVE-2015-5788 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple. The WebKit Canvas implementation in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain sensitive image information via vectors involving a CANVAS element.

    CVE-2015-5789 Versions affected: WebKitGTK+ before 2.6.1. Credit to Apple.

    CVE-2015-5790 Versions affected: WebKitGTK+ before 2.6.2. Credit to Apple.

    CVE-2015-5791 Versions affected: WebKitGTK+ before 2.6.0. Credit to Apple.

    CVE-2015-5792 Versions affected: WebKitGTK+ before 2.4.0. Credit to Apple.

    CVE-2015-5793 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple.

    CVE-2015-5794 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple.

    CVE-2015-5795 Versions affected: WebKitGTK+ before 2.8.3. Credit to Apple.

    CVE-2015-5797 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple.

    CVE-2015-5798 Versions affected: WebKitGTK+ before 2.6.0. Credit to Apple.

    CVE-2015-5799 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple (2.6.5).

    CVE-2015-5800 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple (2.6.5).

    CVE-2015-5801 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple.

    CVE-2015-5802 Versions affected: WebKitGTK+ before 2.6.0. Credit to Apple.

    CVE-2015-5803 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple.

    CVE-2015-5804 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple.

    CVE-2015-5805 Versions affected: WebKitGTK+ before 2.10.0. Credit to unknown.

    CVE-2015-5806 Versions affected: WebKitGTK+ before 2.8.3. Credit to Apple.

    CVE-2015-5807 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple.

    CVE-2015-5809 Versions affected: WebKitGTK+ before 2.8.4. Credit to Apple.

    CVE-2015-5810 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple.

    CVE-2015-5811 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple.

    CVE-2015-5812 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple.

    CVE-2015-5813 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple.

    CVE-2015-5814 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple.

    CVE-2015-5815 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple.

    CVE-2015-5816 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple.

    CVE-2015-5817 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple.

    CVE-2015-5818 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple.

    CVE-2015-5819 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple.

    CVE-2015-5822 Versions affected: WebKitGTK+ before 2.8.1. Credit to Mark S. Miller of Google.

    CVE-2015-5823 Versions affected: WebKitGTK+ before 2.8.0. Credit to Apple.

    CVE-2015-5825 Versions affected: WebKitGTK+ before 2.10.0. Credit to Yossi Oren et al. of Columbia University's Network Security Lab. WebKit in Apple iOS before 9 does not properly restrict the availability of Performance API times, which allows remote attackers to obtain sensitive information about the browser history, mouse movement, or network traffic via crafted JavaScript code.

    CVE-2015-5826 Versions affected: WebKitGTK+ before 2.6.5. Credit to filedescriptior, Chris Evans. WebKit in Apple iOS before 9 does not properly select the cases in which a Cascading Style Sheets (CSS) document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

    CVE-2015-5827 Versions affected: WebKitGTK+ before 2.10.0. Credit to Gildas. WebKit in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain an object reference via vectors involving a (1) custom event, (2) message event, or (3) pop state event.

    CVE-2015-5828 Versions affected: WebKitGTK+ before 2.10.0. Credit to Lorenzo Fontana. The API in the WebKit Plug-ins component in Apple Safari before 9 does not provide notification of an HTTP Redirection (aka 3xx) status code to a plugin, which allows remote attackers to bypass intended request restrictions via a crafted web site.

    CVE-2015-5928 Versions affected: WebKitGTK+ before 2.8.4. Credit to Apple.

    CVE-2015-5929 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple.

    CVE-2015-5930 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple.

    CVE-2015-5931 Versions affected: WebKitGTK+ before 2.10.0. Credit to unknown.

    CVE-2015-7002 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple.

    CVE-2015-7012 Versions affected: WebKitGTK+ before 2.8.4. Credit to Apple.

    CVE-2015-7013 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple.

    CVE-2015-7014 Versions affected: WebKitGTK+ before 2.10.0. Credit to unknown.

    CVE-2015-7048 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple.

    CVE-2015-7095 Versions affected: WebKitGTK+ before 2.10.2. Credit to Apple.

    CVE-2015-7097 Versions affected: WebKitGTK+ before 2.10.3. Credit to Apple.

    CVE-2015-7099 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple.

    CVE-2015-7100 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple.

    CVE-2015-7102 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple.

    CVE-2015-7103 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple.

    CVE-2015-7104 Versions affected: WebKitGTK+ before 2.10.0. Credit to Apple.

    We recommend updating to the last stable version of WebKitGTK+. It is the best way of ensuring that you are running a safe version of WebKitGTK+. Please check our website for information about the last stable releases.

    Further information about WebKitGTK+ Security Advisories can be found at: http://webkitgtk.org/security.html

    The WebKitGTK+ team, December 28, 2015

    . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    APPLE-SA-2015-01-27-2 iOS 8.1.3

    iOS 8.1.3 is now available and addresses the following:

    AppleFileConduit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A maliciously crafted afc command may allow access to protected parts of the filesystem Description: A vulnerability existed in the symbolic linking mechanism of afc. This issue was addressed by adding additional path checks. CVE-ID CVE-2014-4480 : TaiG Jailbreak Team

    CoreGraphics Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of PDF files. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4481 : Felipe Andres Manzano of the Binamuse VRT, via the iSIGHT Partners GVP Program

    dyld Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A local user may be able to execute unsigned code Description: A state management issue existed in the handling of Mach-O executable files with overlapping segments. This issue was addressed through improved validation of segment sizes. CVE-ID CVE-2014-4455 : TaiG Jailbreak Team

    FontParser Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of font files. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4483 : Apple

    FontParser Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Processing a maliciously crafted .dfont file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the handling of .dfont files. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4484 : Gaurav Baruah working with HP's Zero Day Initiative

    Foundation Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted XML file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the XML parser. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4485 : Apple

    IOAcceleratorFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A null pointer dereference existed in IOAcceleratorFamily's handling of resource lists. This issue was addressed by removing unneeded code. CVE-ID CVE-2014-4486 : Ian Beer of Google Project Zero

    IOHIDFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A buffer overflow existed in IOHIDFamily. This issue was addressed through improved size validation. CVE-ID CVE-2014-4487 : TaiG Jailbreak Team

    IOHIDFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A validation issue existed in IOHIDFamily's handling of resource queue metadata. This issue was addressed through improved validation of metadata. CVE-ID CVE-2014-4488 : Apple

    IOHIDFamily Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A null pointer dereference existed in IOHIDFamily's handling of event queues. This issue was addressed through improved validation. CVE-ID CVE-2014-4489 : @beist

    iTunes Store Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A website may be able to bypass sandbox restrictions using the iTunes Store Description: An issue existed in the handling of URLs redirected from Safari to the iTunes Store that could allow a malicious website to bypass Safari's sandbox restrictions. The issue was addressed with improved filtering of URLs opened by the iTunes Store. CVE-ID CVE-2014-8840 : lokihardt@ASRT working with HP's Zero Day Initiative

    Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Maliciously crafted or compromised iOS applications may be able to determine addresses in the kernel Description: An information disclosure issue existed in the handling of APIs related to kernel extensions. Responses containing an OSBundleMachOHeaders key may have included kernel addresses, which may aid in bypassing address space layout randomization protection. This issue was addressed by unsliding the addresses before returning them. CVE-ID CVE-2014-4491 : @PanguTeam, Stefan Esser

    Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An issue existed in the kernel shared memory subsystem that allowed an attacker to write to memory that was intended to be read-only. This issue was addressed with stricter checking of shared memory permissions. CVE-ID CVE-2014-4495 : Ian Beer of Google Project Zero

    Kernel Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Maliciously crafted or compromised iOS applications may be able to determine addresses in the kernel Description: The mach_port_kobject kernel interface leaked kernel addresses and heap permutation value, which may aid in bypassing address space layout randomization protection. This was addressed by disabling the mach_port_kobject interface in production configurations. CVE-ID CVE-2014-4496 : TaiG Jailbreak Team

    libnetcore Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious, sandboxed app can compromise the networkd daemon Description: Multiple type confusion issues existed in networkd's handling of interprocess communication. By sending a maliciously formatted message to networkd, it may have been possible to execute arbitrary code as the networkd process. The issue is addressed through additional type checking. CVE-ID CVE-2014-4492 : Ian Beer of Google Project Zero

    MobileInstallation Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A malicious enterprise-signed application may be able to take control of the local container for applications already on a device Description: A vulnerability existed in the application installation process. This was addressed by preventing enterprise applications from overriding existing applications in specific scenarios. CVE-ID CVE-2014-4493 : Hui Xue and Tao Wei of FireEye, Inc.

    Springboard Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Enterprise-signed applications may be launched without prompting for trust Description: An issue existed in determining when to prompt for trust when first opening an enterprise-signed application. This issue was addressed through improved code signature validation. CVE-ID CVE-2014-4494 : Song Jin, Hui Xue, and Tao Wei of FireEye, Inc.

    WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a website that frames malicious content may lead to UI spoofing Description: A UI spoofing issue existed in the handling of scrollbar boundaries. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-4467 : Jordan Milne

    WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Style sheets are loaded cross-origin which may allow for data exfiltration Description: An SVG loaded in an img element could load a CSS file cross-origin. This issue was addressed through enhanced blocking of external CSS references in SVGs. CVE-ID CVE-2014-4465 : Rennie deGraaf of iSEC Partners

    WebKit Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/

    iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.

    The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.

    To check that the iPhone, iPod touch, or iPad has been updated:

    • Navigate to Settings
    • Select General
    • Select About.

    Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT1222

    This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

    -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin)

    iQIcBAEBAgAGBQJUx8umAAoJEBcWfLTuOo7tTskQAI5o4uXj16m90mQhSqUYG35F pCbUBiLJj4IWcgLsNDKgnhcmX6YOA+q7LnyCuU91K4DLybFZr5/OrxDU4/qCsKQb 8o6uRHdtfq6zrOrUgv+hKXP36Rf5v/zl/P9JViuJoKZXMQow6DYoTpCaUAUwp23z mrF3EwzZyxfT2ICWwPS7r8A9annIprGBZLJz1Yr7Ek90WILTg9RbgnI60IBfpLzn Bi4ej9FqV2HAy4S9Fad6jyB9E0rAsl6PRMPGKVvOa2o1/mLqiFGR06qyHwJ+ynj8 tTGcnVhiZVaiur807DY1hb6uB2oLFQXxHFYe3T17l3igM/iminMpWfcq/PmnIIwR IASrhc24qgUywOGK6FfVKdoh5KNgb3xK4X7U9YL9/eMwgT48a2qO6lLTfYdFfBCh wEzMAFEDpnkwOSw/s5Ry0eCY+p+DU0Kxr3Ter3zkNO0abf2yXjAtu4nHBk3I1t4P y8fM8vcWhPDTdfhIWp5Vwcs6sxCGXO1/w6Okuv4LlEDkSJ0Vm2AdhnE0TmhWW0BB w7XMGRYdUCYRbGIta1wciD8yR1xeAWGIOL9+tYROfK4jgPgFGNjtkhqMWNxLZwnR IEHZ2hYBhf3bWCtEDP5nZBV7jdUUdMxDzDX9AuPp67SXld2By+iMe8AYgu6EVhfY CfDJ+b9mxdd8GswiT3OO =j9pr -----END PGP SIGNATURE----- . CVE-ID CVE-2014-3192 : cloudfuzzer CVE-2014-4476 : Apple CVE-2014-4477 : lokihardt@ASRT working with HP's Zero Day Initiative CVE-2014-4479 : Apple

    Safari 8.0.3, Safari 7.1.3, and Safari 6.2.3 may be obtained from the Mac App Store. ============================================================================ Ubuntu Security Notice USN-2345-1 October 14, 2014

    oxide-qt vulnerabilities

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 14.04 LTS

    Summary:

    Several security issues were fixed in Oxide.

    Software Description: - oxide-qt: Web browser engine library for Qt (QML plugin)

    Details:

    Multiple use-after-free issues were discovered in Blink. (CVE-2014-3178, CVE-2014-3190, CVE-2014-3191, CVE-2014-3192)

    Multiple security issues were discovered in Chromium. (CVE-2014-3179, CVE-2014-3200)

    It was discovered that Chromium did not properly handle the interaction of IPC and V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking the program. (CVE-2014-3188)

    A use-after-free was discovered in the web workers implementation in Chromium. (CVE-2014-3194)

    It was discovered that V8 did not correctly handle Javascript heap allocations in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to steal sensitive information. (CVE-2014-3195)

    It was discovered that Blink did not properly provide substitute data for pages blocked by the XSS auditor. If a user were tricked in to opening a specially crafter website, an attacker could potentially exploit this to steal sensitive information. (CVE-2014-3197)

    It was discovered that the wrap function for Event's in the V8 bindings in Blink produced an erroneous result in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service by stopping a worker process that was handling an Event object. (CVE-2014-3199)

    Multiple security issues were discovered in V8. (CVE-2014-7967)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 14.04 LTS: liboxideqtcore0 1.2.5-0ubuntu0.14.04.1 oxideqt-codecs 1.2.5-0ubuntu0.14.04.1 oxideqt-codecs-extra 1.2.5-0ubuntu0.14.04.1

    In general, a standard system update will make all the necessary changes.

    References: http://www.ubuntu.com/usn/usn-2345-1 CVE-2014-3178, CVE-2014-3179, CVE-2014-3188, CVE-2014-3190, CVE-2014-3191, CVE-2014-3192, CVE-2014-3194, CVE-2014-3195, CVE-2014-3197, CVE-2014-3199, CVE-2014-3200, CVE-2014-7967

    Package Information: https://launchpad.net/ubuntu/+source/oxide-qt/1.2.5-0ubuntu0.14.04.1 . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201412-13


                                            http://security.gentoo.org/
    

    Severity: Normal Title: Chromium: Multiple vulnerabilities Date: December 13, 2014 Bugs: #524764, #529858 ID: 201412-13


    Synopsis

    Multiple vulnerabilities have been found in Chromium, the worst of which can allow remote attackers to execute arbitrary code.

    Affected packages

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
    

    1 www-client/chromium < 39.0.2171.65 >= 39.0.2171.65

    Description

    Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers referenced below for details.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Chromium users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-39.0.2171.65"

    References

    [ 1 ] CVE-2014-3188 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3188 [ 2 ] CVE-2014-3189 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3189 [ 3 ] CVE-2014-3190 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3190 [ 4 ] CVE-2014-3191 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3191 [ 5 ] CVE-2014-3192 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3192 [ 6 ] CVE-2014-3193 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3193 [ 7 ] CVE-2014-3194 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3194 [ 8 ] CVE-2014-3195 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3195 [ 9 ] CVE-2014-3197 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3197 [ 10 ] CVE-2014-3198 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3198 [ 11 ] CVE-2014-3199 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3199 [ 12 ] CVE-2014-3200 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3200 [ 13 ] CVE-2014-7899 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7899 [ 14 ] CVE-2014-7900 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7900 [ 15 ] CVE-2014-7901 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7901 [ 16 ] CVE-2014-7902 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7902 [ 17 ] CVE-2014-7903 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7903 [ 18 ] CVE-2014-7904 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7904 [ 19 ] CVE-2014-7906 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7906 [ 20 ] CVE-2014-7907 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7907 [ 21 ] CVE-2014-7908 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7908 [ 22 ] CVE-2014-7909 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7909 [ 23 ] CVE-2014-7910 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7910

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201412-13.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "8.0.2"
          },
          {
            "_id": null,
            "model": "iphone os",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "apple",
            "version": "8.1.2"
          },
          {
            "_id": null,
            "model": "enterprise linux server supplementary",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "apple",
            "version": "7.0.1"
          },
          {
            "_id": null,
            "model": "enterprise linux workstation supplementary",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop supplementary",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "google",
            "version": "38.0.2125.7"
          },
          {
            "_id": null,
            "model": "enterprise linux server supplementary eus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.6.z"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "7.1.2"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "6.2.2"
          },
          {
            "_id": null,
            "model": "itunes",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "apple",
            "version": "12.1.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "google",
            "version": "38.0.2125.101"
          },
          {
            "_id": null,
            "model": "tv",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "apple",
            "version": "7.0.3   (apple tv first  3 after generation )"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "apple",
            "version": "8.1.3   (ipad 2 or later )"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "apple",
            "version": "8.1.3   (iphone 4s or later )"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "apple",
            "version": "8.1.3   (ipod touch first  5 after generation )"
          },
          {
            "_id": null,
            "model": "itunes",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "apple",
            "version": "12.2   (windows 7)"
          },
          {
            "_id": null,
            "model": "itunes",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "apple",
            "version": "12.2   (windows 8)"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "apple",
            "version": "6.2.3   (os x mavericks v10.9.5)"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "apple",
            "version": "6.2.3   (os x mountain lion v10.8.5)"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "apple",
            "version": "6.2.3   (os x yosemite v10.10.1)"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "apple",
            "version": "7.1.3   (os x mavericks v10.9.5)"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "apple",
            "version": "7.1.3   (os x mountain lion v10.8.5)"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "apple",
            "version": "7.1.3   (os x yosemite v10.10.1)"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "apple",
            "version": "8.0.3   (os x mavericks v10.9.5)"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "apple",
            "version": "8.0.3   (os x mountain lion v10.8.5)"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "apple",
            "version": "8.0.3   (os x yosemite v10.10.1)"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-154"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004575"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-3192"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:google:chrome",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:apple:apple_tv",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:apple:iphone_os",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:apple:safari",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004575"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Apple",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "132529"
          },
          {
            "db": "PACKETSTORM",
            "id": "130130"
          },
          {
            "db": "PACKETSTORM",
            "id": "130129"
          },
          {
            "db": "PACKETSTORM",
            "id": "130131"
          }
        ],
        "trust": 0.4
      },
      "cve": "CVE-2014-3192",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2014-3192",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-71131",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2014-3192",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2014-3192",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201410-154",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-71131",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-71131"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-154"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004575"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-3192"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Use-after-free vulnerability in the ProcessingInstruction::setXSLStyleSheet function in core/dom/ProcessingInstruction.cpp in the DOM implementation in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Supplementary information : CWE Vulnerability type by CWE-416: Use After Free ( Use of freed memory ) Has been identified. http://cwe.mitre.org/data/definitions/416.htmlService disruption by a third party (DoS) There is a possibility of being affected unspecified, such as being in a state. ------------------------------------------------------------------------\nWebKitGTK+ Security Advisory                               WSA-2015-0002\n------------------------------------------------------------------------\n\nDate reported      : December 28, 2015\nAdvisory ID        : WSA-2015-0002\nAdvisory URL       : http://webkitgtk.org/security/WSA-2015-0002.html\nCVE identifiers    : CVE-2013-6663, CVE-2014-1748, CVE-2014-3192,\n                     CVE-2014-4409, CVE-2014-4410, CVE-2014-4411,\n                     CVE-2014-4412, CVE-2014-4413, CVE-2014-4414,\n                     CVE-2014-4452, CVE-2014-4459, CVE-2014-4465,\n                     CVE-2014-4466, CVE-2014-4468, CVE-2014-4469,\n                     CVE-2014-4470, CVE-2014-4471, CVE-2014-4472,\n                     CVE-2014-4473, CVE-2014-4474, CVE-2014-4475,\n                     CVE-2014-4476, CVE-2014-4477, CVE-2014-4479,\n                     CVE-2015-1068, CVE-2015-1069, CVE-2015-1070,\n                     CVE-2015-1071, CVE-2015-1072, CVE-2015-1073,\n                     CVE-2015-1074, CVE-2015-1075, CVE-2015-1076,\n                     CVE-2015-1077, CVE-2015-1080, CVE-2015-1081,\n                     CVE-2015-1082, CVE-2015-1083, CVE-2015-1084,\n                     CVE-2015-1119, CVE-2015-1120, CVE-2015-1121,\n                     CVE-2015-1122, CVE-2015-1124, CVE-2015-1126,\n                     CVE-2015-1127, CVE-2015-1152, CVE-2015-1153,\n                     CVE-2015-1154, CVE-2015-1155, CVE-2015-1156,\n                     CVE-2015-2330, CVE-2015-3658, CVE-2015-3659,\n                     CVE-2015-3660, CVE-2015-3727, CVE-2015-3730,\n                     CVE-2015-3731, CVE-2015-3732, CVE-2015-3733,\n                     CVE-2015-3734, CVE-2015-3735, CVE-2015-3736,\n                     CVE-2015-3737, CVE-2015-3738, CVE-2015-3739,\n                     CVE-2015-3740, CVE-2015-3741, CVE-2015-3742,\n                     CVE-2015-3743, CVE-2015-3744, CVE-2015-3745,\n                     CVE-2015-3746, CVE-2015-3747, CVE-2015-3748,\n                     CVE-2015-3749, CVE-2015-3750, CVE-2015-3751,\n                     CVE-2015-3752, CVE-2015-3753, CVE-2015-3754,\n                     CVE-2015-3755, CVE-2015-5788, CVE-2015-5789,\n                     CVE-2015-5790, CVE-2015-5791, CVE-2015-5792,\n                     CVE-2015-5793, CVE-2015-5794, CVE-2015-5795,\n                     CVE-2015-5797, CVE-2015-5798, CVE-2015-5799,\n                     CVE-2015-5800, CVE-2015-5801, CVE-2015-5802,\n                     CVE-2015-5803, CVE-2015-5804, CVE-2015-5805,\n                     CVE-2015-5806, CVE-2015-5807, CVE-2015-5809,\n                     CVE-2015-5810, CVE-2015-5811, CVE-2015-5812,\n                     CVE-2015-5813, CVE-2015-5814, CVE-2015-5815,\n                     CVE-2015-5816, CVE-2015-5817, CVE-2015-5818,\n                     CVE-2015-5819, CVE-2015-5822, CVE-2015-5823,\n                     CVE-2015-5825, CVE-2015-5826, CVE-2015-5827,\n                     CVE-2015-5828, CVE-2015-5928, CVE-2015-5929,\n                     CVE-2015-5930, CVE-2015-5931, CVE-2015-7002,\n                     CVE-2015-7012, CVE-2015-7013, CVE-2015-7014,\n                     CVE-2015-7048, CVE-2015-7095, CVE-2015-7097,\n                     CVE-2015-7099, CVE-2015-7100, CVE-2015-7102,\n                     CVE-2015-7103, CVE-2015-7104. \n\nSeveral vulnerabilities were discovered on WebKitGTK+. \n\nCVE-2013-6663\n    Versions affected: WebKitGTK+ before 2.4.0. \n    Credit to Atte Kettunen of OUSPG. \n\nCVE-2014-1748\n    Versions affected: WebKitGTK+ before 2.6.0. \n    Credit to Jordan Milne. \n\nCVE-2014-3192\n    Versions affected: WebKitGTK+ before 2.6.3. \n    Credit to cloudfuzzer. \n\nCVE-2014-4409\n    Versions affected: WebKitGTK+ before 2.6.0. \n    Credit to Yosuke Hasegawa (NetAgent Co., Led.). \n    WebKit in Apple iOS before 8 makes it easier for remote attackers to\n    track users during private browsing via a crafted web site that\n    reads HTML5 application-cache data that had been stored during\n    normal browsing. \n\nCVE-2014-4410\n    Versions affected: WebKitGTK+ before 2.6.0. \n    Credit to Eric Seidel of Google. \n\nCVE-2014-4411\n    Versions affected: WebKitGTK+ before 2.6.0. \n    Credit to Google Chrome Security Team. \n\nCVE-2014-4412\n    Versions affected: WebKitGTK+ before 2.4.0. \n    Credit to Apple. \n\nCVE-2014-4413\n    Versions affected: WebKitGTK+ before 2.4.0. \n    Credit to Apple. \n\nCVE-2014-4414\n    Versions affected: WebKitGTK+ before 2.4.0. \n    Credit to Apple. \n\nCVE-2014-4452\n    Versions affected: WebKitGTK+ before 2.6.0. \n    Credit to unknown. \n\nCVE-2014-4459\n    Versions affected: WebKitGTK+ before 2.6.2. \n    Credit to unknown. \n    Use-after-free vulnerability in WebKit, as used in Apple OS X before\n    10.10.1, allows remote attackers to execute arbitrary code via\n    crafted page objects in an HTML document. \n\nCVE-2014-4465\n    Versions affected: WebKitGTK+ before 2.6.2. \n    Credit to Rennie deGraaf of iSEC Partners. \n    WebKit in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x\n    before 8.0.1 allows remote attackers to bypass the Same Origin\n    Policy via crafted Cascading Style Sheets (CSS) token sequences\n    within an SVG file in the SRC attribute of an IMG element. \n\nCVE-2014-4466\n    Versions affected: WebKitGTK+ before 2.6.2. \n    Credit to Apple. \n    WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and\n    8.x before 8.0.1, allows remote attackers to execute arbitrary code\n    or cause a denial of service (memory corruption and application\n    crash) via a crafted web site, a different vulnerability than other\n    WebKit CVEs listed in APPLE-SA-2014-12-2-1. \n\nCVE-2014-4468\n    Versions affected: WebKitGTK+ before 2.6.0. \n    Credit to Apple. \n    WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and\n    8.x before 8.0.1, allows remote attackers to execute arbitrary code\n    or cause a denial of service (memory corruption and application\n    crash) via a crafted web site, a different vulnerability than other\n    WebKit CVEs listed in APPLE-SA-2014-12-2-1. \n\nCVE-2014-4469\n    Versions affected: WebKitGTK+ before 2.6.4. \n    Credit to Apple. \n    WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and\n    8.x before 8.0.1, allows remote attackers to execute arbitrary code\n    or cause a denial of service (memory corruption and application\n    crash) via a crafted web site, a different vulnerability than other\n    WebKit CVEs listed in APPLE-SA-2014-12-2-1. \n\nCVE-2014-4470\n    Versions affected: WebKitGTK+ before 2.6.0. \n    Credit to Apple. \n    WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and\n    8.x before 8.0.1, allows remote attackers to execute arbitrary code\n    or cause a denial of service (memory corruption and application\n    crash) via a crafted web site, a different vulnerability than other\n    WebKit CVEs listed in APPLE-SA-2014-12-2-1. \n\nCVE-2014-4471\n    Versions affected: WebKitGTK+ before 2.6.0. \n    Credit to Apple. \n    WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and\n    8.x before 8.0.1, allows remote attackers to execute arbitrary code\n    or cause a denial of service (memory corruption and application\n    crash) via a crafted web site, a different vulnerability than other\n    WebKit CVEs listed in APPLE-SA-2014-12-2-1. \n\nCVE-2014-4472\n    Versions affected: WebKitGTK+ before 2.6.0. \n    Credit to Apple. \n    WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and\n    8.x before 8.0.1, allows remote attackers to execute arbitrary code\n    or cause a denial of service (memory corruption and application\n    crash) via a crafted web site, a different vulnerability than other\n    WebKit CVEs listed in APPLE-SA-2014-12-2-1. \n\nCVE-2014-4473\n    Versions affected: WebKitGTK+ before 2.6.0. \n    Credit to Apple. \n    WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and\n    8.x before 8.0.1, allows remote attackers to execute arbitrary code\n    or cause a denial of service (memory corruption and application\n    crash) via a crafted web site, a different vulnerability than other\n    WebKit CVEs listed in APPLE-SA-2014-12-2-1. \n\nCVE-2014-4474\n    Versions affected: WebKitGTK+ before 2.6.2. \n    Credit to Apple. \n    WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and\n    8.x before 8.0.1, allows remote attackers to execute arbitrary code\n    or cause a denial of service (memory corruption and application\n    crash) via a crafted web site, a different vulnerability than other\n    WebKit CVEs listed in APPLE-SA-2014-12-2-1. \n\nCVE-2014-4475\n    Versions affected: WebKitGTK+ before 2.6.0. \n    Credit to Apple. \n    WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and\n    8.x before 8.0.1, allows remote attackers to execute arbitrary code\n    or cause a denial of service (memory corruption and application\n    crash) via a crafted web site, a different vulnerability than other\n    WebKit CVEs listed in APPLE-SA-2014-12-2-1. \n\nCVE-2014-4476\n    Versions affected: WebKitGTK+ before 2.6.2. \n    Credit to Apple. \n    WebKit, as used in Apple iOS before 8.1.3; Apple Safari before\n    6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before\n    7.0.3, allows remote attackers to execute arbitrary code or cause a\n    denial of service (memory corruption and application crash) via a\n    crafted web site, a different vulnerability than CVE-2014-4477 and\n    CVE-2014-4479. \n\nCVE-2014-4477\n    Versions affected: WebKitGTK+ before 2.6.4. \n    Credit to lokihardt@ASRT working with HP\u2019s Zero Day Initiative. \n    WebKit, as used in Apple iOS before 8.1.3; Apple Safari before\n    6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before\n    7.0.3, allows remote attackers to execute arbitrary code or cause a\n    denial of service (memory corruption and application crash) via a\n    crafted web site, a different vulnerability than CVE-2014-4476 and\n    CVE-2014-4479. \n\nCVE-2014-4479\n    Versions affected: WebKitGTK+ before 2.6.4. \n    Credit to Apple. \n    WebKit, as used in Apple iOS before 8.1.3; Apple Safari before\n    6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before\n    7.0.3, allows remote attackers to execute arbitrary code or cause a\n    denial of service (memory corruption and application crash) via a\n    crafted web site, a different vulnerability than CVE-2014-4476 and\n    CVE-2014-4477. \n\nCVE-2015-1068\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple. \n    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and\n    8.x before 8.0.4, allows remote attackers to execute arbitrary code\n    or cause a denial of service (memory corruption and application\n    crash) via a crafted web site, a different vulnerability than other\n    CVEs listed in APPLE-SA-2015-03-17-1. \n\nCVE-2015-1069\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple. \n    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and\n    8.x before 8.0.4, allows remote attackers to execute arbitrary code\n    or cause a denial of service (memory corruption and application\n    crash) via a crafted web site, a different vulnerability than other\n    CVEs listed in APPLE-SA-2015-03-17-1. \n\nCVE-2015-1070\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple. \n    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and\n    8.x before 8.0.4, allows remote attackers to execute arbitrary code\n    or cause a denial of service (memory corruption and application\n    crash) via a crafted web site, a different vulnerability than other\n    CVEs listed in APPLE-SA-2015-03-17-1. \n\nCVE-2015-1071\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple. \n    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and\n    8.x before 8.0.4, allows remote attackers to execute arbitrary code\n    or cause a denial of service (memory corruption and application\n    crash) via a crafted web site, a different vulnerability than other\n    CVEs listed in APPLE-SA-2015-03-17-1. \n\nCVE-2015-1072\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to unknown. \n    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and\n    8.x before 8.0.4, allows remote attackers to execute arbitrary code\n    or cause a denial of service (memory corruption and application\n    crash) via a crafted web site, a different vulnerability than other\n    CVEs listed in APPLE-SA-2015-03-17-1. \n\nCVE-2015-1073\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple. \n    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and\n    8.x before 8.0.4, allows remote attackers to execute arbitrary code\n    or cause a denial of service (memory corruption and application\n    crash) via a crafted web site, a different vulnerability than other\n    CVEs listed in APPLE-SA-2015-03-17-1. \n\nCVE-2015-1074\n    Versions affected: WebKitGTK+ before 2.6.4. \n    Credit to Apple. \n    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and\n    8.x before 8.0.4, allows remote attackers to execute arbitrary code\n    or cause a denial of service (memory corruption and application\n    crash) via a crafted web site, a different vulnerability than other\n    CVEs listed in APPLE-SA-2015-03-17-1. \n\nCVE-2015-1075\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Google Chrome Security Team. \n    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and\n    8.x before 8.0.4, allows remote attackers to execute arbitrary code\n    or cause a denial of service (memory corruption and application\n    crash) via a crafted web site, a different vulnerability than other\n    CVEs listed in APPLE-SA-2015-03-17-1. \n\nCVE-2015-1076\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to unknown. \n    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and\n    8.x before 8.0.4, allows remote attackers to execute arbitrary code\n    or cause a denial of service (memory corruption and application\n    crash) via a crafted web site, a different vulnerability than other\n    CVEs listed in APPLE-SA-2015-03-17-1. \n\nCVE-2015-1077\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple. \n    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and\n    8.x before 8.0.4, allows remote attackers to execute arbitrary code\n    or cause a denial of service (memory corruption and application\n    crash) via a crafted web site, a different vulnerability than other\n    CVEs listed in APPLE-SA-2015-03-17-1. \n\nCVE-2015-1080\n    Versions affected: WebKitGTK+ before 2.6.0. \n    Credit to Apple. \n    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and\n    8.x before 8.0.4, allows remote attackers to execute arbitrary code\n    or cause a denial of service (memory corruption and application\n    crash) via a crafted web site, a different vulnerability than other\n    CVEs listed in APPLE-SA-2015-03-17-1. \n\nCVE-2015-1081\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple. \n    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and\n    8.x before 8.0.4, allows remote attackers to execute arbitrary code\n    or cause a denial of service (memory corruption and application\n    crash) via a crafted web site, a different vulnerability than other\n    CVEs listed in APPLE-SA-2015-03-17-1. \n\nCVE-2015-1082\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple. \n    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and\n    8.x before 8.0.4, allows remote attackers to execute arbitrary code\n    or cause a denial of service (memory corruption and application\n    crash) via a crafted web site, a different vulnerability than other\n    CVEs listed in APPLE-SA-2015-03-17-1. \n\nCVE-2015-1083\n    Versions affected: WebKitGTK+ before 2.6.4. \n    Credit to Apple. \n    WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and\n    8.x before 8.0.4, allows remote attackers to execute arbitrary code\n    or cause a denial of service (memory corruption and application\n    crash) via a crafted web site, a different vulnerability than other\n    CVEs listed in APPLE-SA-2015-03-17-1. \n\nCVE-2015-1084\n    Versions affected: WebKitGTK+ before 2.6.1. \n    Credit to Apple. \n    The user interface in WebKit, as used in Apple Safari before 6.2.4,\n    7.x before 7.1.4, and 8.x before 8.0.4, does not display URLs\n    consistently, which makes it easier for remote attackers to conduct\n    phishing attacks via a crafted URL. \n\nCVE-2015-1119\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Renata Hodovan of University of Szeged / Samsung\n    Electronics. \n    WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and\n    Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5,\n    allows remote attackers to execute arbitrary code or cause a denial\n    of service (memory corruption and application crash) via a crafted\n    web site, a different vulnerability than other WebKit CVEs listed in\n    APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-\n    SA-2015-04-08-4. \n\nCVE-2015-1120\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple. \n    WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and\n    Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5,\n    allows remote attackers to execute arbitrary code or cause a denial\n    of service (memory corruption and application crash) via a crafted\n    web site, a different vulnerability than other WebKit CVEs listed in\n    APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-\n    SA-2015-04-08-4. \n\nCVE-2015-1121\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple. \n    WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and\n    Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5,\n    allows remote attackers to execute arbitrary code or cause a denial\n    of service (memory corruption and application crash) via a crafted\n    web site, a different vulnerability than other WebKit CVEs listed in\n    APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-\n    SA-2015-04-08-4. \n\nCVE-2015-1122\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n    WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and\n    Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5,\n    allows remote attackers to execute arbitrary code or cause a denial\n    of service (memory corruption and application crash) via a crafted\n    web site, a different vulnerability than other WebKit CVEs listed in\n    APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-\n    SA-2015-04-08-4. \n\nCVE-2015-1124\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple. \n    WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and\n    Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5,\n    allows remote attackers to execute arbitrary code or cause a denial\n    of service (memory corruption and application crash) via a crafted\n    web site, a different vulnerability than other WebKit CVEs listed in\n    APPLE-SA-2015-04-08-1, APPLE-SA-2015-04-08-3, and APPLE-\n    SA-2015-04-08-4. \n\nCVE-2015-1126\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Jouko Pynnonen of Klikki Oy. \n    WebKit, as used in Apple iOS before 8.3 and Apple Safari before\n    6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, does not properly\n    handle the userinfo field in FTP URLs, which allows remote attackers\n    to trigger incorrect resource access via unspecified vectors. \n\nCVE-2015-1127\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Tyler C (2.6.5). \n    The private-browsing implementation in WebKit in Apple Safari before\n    6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5 places browsing\n    history into an index, which might allow local users to obtain\n    sensitive information by reading index entries. \n\nCVE-2015-1152\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n\nCVE-2015-1153\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple (2.6.5). \n\nCVE-2015-1154\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple (2.6.5). \n\nCVE-2015-1155\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Joe Vennix of Rapid7 Inc. working with HP\u0027s Zero Day\n    Initiative. \n    The history implementation in WebKit, as used in Apple Safari before\n    6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote\n    attackers to bypass the Same Origin Policy and read arbitrary files\n    via a crafted web site. \n\nCVE-2015-1156\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Zachary Durber of Moodle. \n    The page-loading implementation in WebKit, as used in Apple Safari\n    before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, does not\n    properly handle the rel attribute in an A element, which allows\n    remote attackers to bypass the Same Origin Policy for a link\u0027s\n    target, and spoof the user interface, via a crafted web site. \n\nCVE-2015-2330\n    Versions affected: WebKitGTK+ before 2.6.6. \n    Credit to Ross Lagerwall. \n    Late TLS certificate verification in WebKitGTK+ prior to 2.6.6\n    allows remote attackers to view a secure HTTP request, including,\n    for example, secure cookies. \n\nCVE-2015-3658\n    Versions affected: WebKitGTK+ before 2.8.1. \n    Credit to Brad Hill of Facebook. \n    The Page Loading functionality in WebKit in Apple Safari before\n    6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS\n    before 8.4 and other products, does not properly consider redirects\n    during decisions about sending an Origin header, which makes it\n    easier for remote attackers to bypass CSRF protection mechanisms via\n    a crafted web site. \n\nCVE-2015-3659\n    Versions affected: WebKitGTK+ before 2.8.3. \n    Credit to Peter Rutenbar working with HP\u0027s Zero Day Initiative. \n    The SQLite authorizer in the Storage functionality in WebKit in\n    Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7,\n    as used in Apple iOS before 8.4 and other products, does not\n    properly restrict access to SQL functions, which allows remote\n    attackers to execute arbitrary code or cause a denial of service\n    (application crash) via a crafted web site. \n\nCVE-2015-3660\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n    Cross-site scripting (XSS) vulnerability in the PDF functionality in\n    WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x\n    before 8.0.7 allows remote attackers to inject arbitrary web script\n    or HTML via a crafted URL in embedded PDF content. \n\nCVE-2015-3727\n    Versions affected: WebKitGTK+ before 2.8.1. \n    Credit to Peter Rutenbar working with HP\u0027s Zero Day Initiative. \n    WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x\n    before 8.0.7, as used in Apple iOS before 8.4 and other products,\n    does not properly restrict rename operations on WebSQL tables, which\n    allows remote attackers to access an arbitrary web site\u0027s database\n    via a crafted web site. \n\nCVE-2015-3730\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,\n    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to\n    execute arbitrary code or cause a denial of service (memory\n    corruption and application crash) via a crafted web site, a\n    different vulnerability than other WebKit CVEs listed in APPLE-\n    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. \n\nCVE-2015-3731\n    Versions affected: WebKitGTK+ before 2.8.3. \n    Credit to Apple. \n    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,\n    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to\n    execute arbitrary code or cause a denial of service (memory\n    corruption and application crash) via a crafted web site, a\n    different vulnerability than other WebKit CVEs listed in APPLE-\n    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. \n\nCVE-2015-3732\n    Versions affected: WebKitGTK+ before 2.8.3. \n    Credit to Apple. \n    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,\n    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to\n    execute arbitrary code or cause a denial of service (memory\n    corruption and application crash) via a crafted web site, a\n    different vulnerability than other WebKit CVEs listed in APPLE-\n    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. \n\nCVE-2015-3733\n    Versions affected: WebKitGTK+ before 2.8.3. \n    Credit to Apple. \n    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,\n    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to\n    execute arbitrary code or cause a denial of service (memory\n    corruption and application crash) via a crafted web site, a\n    different vulnerability than other WebKit CVEs listed in APPLE-\n    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. \n\nCVE-2015-3734\n    Versions affected: WebKitGTK+ before 2.8.3. \n    Credit to Apple. \n    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,\n    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to\n    execute arbitrary code or cause a denial of service (memory\n    corruption and application crash) via a crafted web site, a\n    different vulnerability than other WebKit CVEs listed in APPLE-\n    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. \n\nCVE-2015-3735\n    Versions affected: WebKitGTK+ before 2.8.3. \n    Credit to Apple. \n    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,\n    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to\n    execute arbitrary code or cause a denial of service (memory\n    corruption and application crash) via a crafted web site, a\n    different vulnerability than other WebKit CVEs listed in APPLE-\n    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. \n\nCVE-2015-3736\n    Versions affected: WebKitGTK+ before 2.8.3. \n    Credit to Apple. \n    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,\n    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to\n    execute arbitrary code or cause a denial of service (memory\n    corruption and application crash) via a crafted web site, a\n    different vulnerability than other WebKit CVEs listed in APPLE-\n    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. \n\nCVE-2015-3737\n    Versions affected: WebKitGTK+ before 2.8.3. \n    Credit to Apple. \n    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,\n    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to\n    execute arbitrary code or cause a denial of service (memory\n    corruption and application crash) via a crafted web site, a\n    different vulnerability than other WebKit CVEs listed in APPLE-\n    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. \n\nCVE-2015-3738\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,\n    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to\n    execute arbitrary code or cause a denial of service (memory\n    corruption and application crash) via a crafted web site, a\n    different vulnerability than other WebKit CVEs listed in APPLE-\n    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. \n\nCVE-2015-3739\n    Versions affected: WebKitGTK+ before 2.8.1. \n    Credit to Apple. \n    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,\n    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to\n    execute arbitrary code or cause a denial of service (memory\n    corruption and application crash) via a crafted web site, a\n    different vulnerability than other WebKit CVEs listed in APPLE-\n    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. \n\nCVE-2015-3740\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,\n    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to\n    execute arbitrary code or cause a denial of service (memory\n    corruption and application crash) via a crafted web site, a\n    different vulnerability than other WebKit CVEs listed in APPLE-\n    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. \n\nCVE-2015-3741\n    Versions affected: WebKitGTK+ before 2.8.1. \n    Credit to Apple. \n    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,\n    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to\n    execute arbitrary code or cause a denial of service (memory\n    corruption and application crash) via a crafted web site, a\n    different vulnerability than other WebKit CVEs listed in APPLE-\n    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. \n\nCVE-2015-3742\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,\n    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to\n    execute arbitrary code or cause a denial of service (memory\n    corruption and application crash) via a crafted web site, a\n    different vulnerability than other WebKit CVEs listed in APPLE-\n    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. \n\nCVE-2015-3743\n    Versions affected: WebKitGTK+ before 2.8.3. \n    Credit to Apple. \n    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,\n    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to\n    execute arbitrary code or cause a denial of service (memory\n    corruption and application crash) via a crafted web site, a\n    different vulnerability than other WebKit CVEs listed in APPLE-\n    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. \n\nCVE-2015-3744\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,\n    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to\n    execute arbitrary code or cause a denial of service (memory\n    corruption and application crash) via a crafted web site, a\n    different vulnerability than other WebKit CVEs listed in APPLE-\n    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. \n\nCVE-2015-3745\n    Versions affected: WebKitGTK+ before 2.8.1. \n    Credit to Apple. \n    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,\n    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to\n    execute arbitrary code or cause a denial of service (memory\n    corruption and application crash) via a crafted web site, a\n    different vulnerability than other WebKit CVEs listed in APPLE-\n    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. \n\nCVE-2015-3746\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,\n    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to\n    execute arbitrary code or cause a denial of service (memory\n    corruption and application crash) via a crafted web site, a\n    different vulnerability than other WebKit CVEs listed in APPLE-\n    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. \n\nCVE-2015-3747\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple. \n    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,\n    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to\n    execute arbitrary code or cause a denial of service (memory\n    corruption and application crash) via a crafted web site, a\n    different vulnerability than other WebKit CVEs listed in APPLE-\n    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. \n\nCVE-2015-3748\n    Versions affected: WebKitGTK+ before 2.8.3. \n    Credit to Apple. \n    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,\n    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to\n    execute arbitrary code or cause a denial of service (memory\n    corruption and application crash) via a crafted web site, a\n    different vulnerability than other WebKit CVEs listed in APPLE-\n    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. \n\nCVE-2015-3749\n    Versions affected: WebKitGTK+ before 2.8.3. \n    Credit to Apple. \n    WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8,\n    7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to\n    execute arbitrary code or cause a denial of service (memory\n    corruption and application crash) via a crafted web site, a\n    different vulnerability than other WebKit CVEs listed in APPLE-\n    SA-2015-08-13-1 and APPLE-SA-2015-08-13-3. \n\nCVE-2015-3750\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Muneaki Nishimura (nishimunea). \n    WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x\n    before 8.0.8, as used in iOS before 8.4.1 and other products, does\n    not enforce the HTTP Strict Transport Security (HSTS) protection\n    mechanism for Content Security Policy (CSP) report requests, which\n    allows man-in-the-middle attackers to obtain sensitive information\n    by sniffing the network or spoof a report by modifying the client-\n    server data stream. \n\nCVE-2015-3751\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Muneaki Nishimura (nishimunea). \n    WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x\n    before 8.0.8, as used in iOS before 8.4.1 and other products, allows\n    remote attackers to bypass a Content Security Policy protection\n    mechanism by using a video control in conjunction with an IMG\n    element within an OBJECT element. \n\nCVE-2015-3752\n    Versions affected: WebKitGTK+ before 2.8.4. \n    Credit to Muneaki Nishimura (nishimunea). \n    The Content Security Policy implementation in WebKit in Apple Safari\n    before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS\n    before 8.4.1 and other products, does not properly restrict cookie\n    transmission for report requests, which allows remote attackers to\n    obtain sensitive information via vectors involving (1) a cross-\n    origin request or (2) a private-browsing request. \n\nCVE-2015-3753\n    Versions affected: WebKitGTK+ before 2.8.3. \n    Credit to Antonio Sanso and Damien Antipa of Adobe. \n    WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x\n    before 8.0.8, as used in iOS before 8.4.1 and other products, does\n    not properly perform taint checking for CANVAS elements, which\n    allows remote attackers to bypass the Same Origin Policy and obtain\n    sensitive image data by leveraging a redirect to a data:image\n    resource. \n\nCVE-2015-3754\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Dongsung Kim (@kid1ng). \n    The private-browsing implementation in WebKit in Apple Safari before\n    6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8 does not prevent\n    caching of HTTP authentication credentials, which makes it easier\n    for remote attackers to track users via a crafted web site. \n\nCVE-2015-3755\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to xisigr of Tencent\u0027s Xuanwu Lab. \n    WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x\n    before 8.0.8, as used in iOS before 8.4.1 and other products, allows\n    remote attackers to spoof the user interface via a malformed URL. \n\nCVE-2015-5788\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple. \n    The WebKit Canvas implementation in Apple iOS before 9 allows remote\n    attackers to bypass the Same Origin Policy and obtain sensitive\n    image information via vectors involving a CANVAS element. \n\nCVE-2015-5789\n    Versions affected: WebKitGTK+ before 2.6.1. \n    Credit to Apple. \n\nCVE-2015-5790\n    Versions affected: WebKitGTK+ before 2.6.2. \n    Credit to Apple. \n\nCVE-2015-5791\n    Versions affected: WebKitGTK+ before 2.6.0. \n    Credit to Apple. \n\nCVE-2015-5792\n    Versions affected: WebKitGTK+ before 2.4.0. \n    Credit to Apple. \n\nCVE-2015-5793\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple. \n\nCVE-2015-5794\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple. \n\nCVE-2015-5795\n    Versions affected: WebKitGTK+ before 2.8.3. \n    Credit to Apple. \n\nCVE-2015-5797\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple. \n\nCVE-2015-5798\n    Versions affected: WebKitGTK+ before 2.6.0. \n    Credit to Apple. \n\nCVE-2015-5799\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple (2.6.5). \n\nCVE-2015-5800\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple (2.6.5). \n\nCVE-2015-5801\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple. \n\nCVE-2015-5802\n    Versions affected: WebKitGTK+ before 2.6.0. \n    Credit to Apple. \n\nCVE-2015-5803\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple. \n\nCVE-2015-5804\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n\nCVE-2015-5805\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to unknown. \n\nCVE-2015-5806\n    Versions affected: WebKitGTK+ before 2.8.3. \n    Credit to Apple. \n\nCVE-2015-5807\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n\nCVE-2015-5809\n    Versions affected: WebKitGTK+ before 2.8.4. \n    Credit to Apple. \n\nCVE-2015-5810\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n\nCVE-2015-5811\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple. \n\nCVE-2015-5812\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple. \n\nCVE-2015-5813\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n\nCVE-2015-5814\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n\nCVE-2015-5815\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n\nCVE-2015-5816\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple. \n\nCVE-2015-5817\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n\nCVE-2015-5818\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n\nCVE-2015-5819\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple. \n\nCVE-2015-5822\n    Versions affected: WebKitGTK+ before 2.8.1. \n    Credit to Mark S. Miller of Google. \n\nCVE-2015-5823\n    Versions affected: WebKitGTK+ before 2.8.0. \n    Credit to Apple. \n\nCVE-2015-5825\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Yossi Oren et al. of Columbia University\u0027s Network\n    Security Lab. \n    WebKit in Apple iOS before 9 does not properly restrict the\n    availability of Performance API times, which allows remote attackers\n    to obtain sensitive information about the browser history, mouse\n    movement, or network traffic via crafted JavaScript code. \n\nCVE-2015-5826\n    Versions affected: WebKitGTK+ before 2.6.5. \n    Credit to filedescriptior, Chris Evans. \n    WebKit in Apple iOS before 9 does not properly select the cases in\n    which a Cascading Style Sheets (CSS) document is required to have\n    the text/css content type, which allows remote attackers to bypass\n    the Same Origin Policy via a crafted web site. \n\nCVE-2015-5827\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Gildas. \n    WebKit in Apple iOS before 9 allows remote attackers to bypass the\n    Same Origin Policy and obtain an object reference via vectors\n    involving a (1) custom event, (2) message event, or (3) pop state\n    event. \n\nCVE-2015-5828\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Lorenzo Fontana. \n    The API in the WebKit Plug-ins component in Apple Safari before 9\n    does not provide notification of an HTTP Redirection (aka 3xx)\n    status code to a plugin, which allows remote attackers to bypass\n    intended request restrictions via a crafted web site. \n\nCVE-2015-5928\n    Versions affected: WebKitGTK+ before 2.8.4. \n    Credit to Apple. \n\nCVE-2015-5929\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n\nCVE-2015-5930\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n\nCVE-2015-5931\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to unknown. \n\nCVE-2015-7002\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n\nCVE-2015-7012\n    Versions affected: WebKitGTK+ before 2.8.4. \n    Credit to Apple. \n\nCVE-2015-7013\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n\nCVE-2015-7014\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to unknown. \n\nCVE-2015-7048\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n\nCVE-2015-7095\n    Versions affected: WebKitGTK+ before 2.10.2. \n    Credit to Apple. \n\nCVE-2015-7097\n    Versions affected: WebKitGTK+ before 2.10.3. \n    Credit to Apple. \n\nCVE-2015-7099\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n\nCVE-2015-7100\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n\nCVE-2015-7102\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n\nCVE-2015-7103\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n\nCVE-2015-7104\n    Versions affected: WebKitGTK+ before 2.10.0. \n    Credit to Apple. \n\n\nWe recommend updating to the last stable version of WebKitGTK+. It is\nthe best way of ensuring that you are running a safe version of\nWebKitGTK+. Please check our website for information about the last\nstable releases. \n\nFurther information about WebKitGTK+ Security Advisories can be found\nat: http://webkitgtk.org/security.html\n\nThe WebKitGTK+ team,\nDecember 28, 2015\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2015-01-27-2 iOS 8.1.3\n\niOS 8.1.3 is now available and addresses the following:\n\nAppleFileConduit\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A maliciously crafted afc command may allow access to\nprotected parts of the filesystem\nDescription:  A vulnerability existed in the symbolic linking\nmechanism of afc. This issue was addressed by adding additional path\nchecks. \nCVE-ID\nCVE-2014-4480 : TaiG Jailbreak Team\n\nCoreGraphics\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Opening a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  An integer overflow existed in the handling of PDF\nfiles. This issue was addressed through improved bounds checking. \nCVE-ID\nCVE-2014-4481 : Felipe Andres Manzano of the Binamuse VRT, via the\niSIGHT Partners GVP Program\n\ndyld\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A local user may be able to execute unsigned code\nDescription:  A state management issue existed in the handling of\nMach-O executable files with overlapping segments. This issue was\naddressed through improved validation of segment sizes. \nCVE-ID\nCVE-2014-4455 : TaiG Jailbreak Team\n\nFontParser\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Opening a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A buffer overflow existed in the handling of font\nfiles. This issue was addressed through improved bounds checking. \nCVE-ID\nCVE-2014-4483 : Apple\n\nFontParser\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Processing a maliciously crafted .dfont file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A memory corruption issue existed in the handling of\n.dfont files. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2014-4484 : Gaurav Baruah working with HP\u0027s Zero Day Initiative\n\nFoundation\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Viewing a maliciously crafted XML file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A buffer overflow existed in the XML parser. This issue\nwas addressed through improved bounds checking. \nCVE-ID\nCVE-2014-4485 : Apple\n\nIOAcceleratorFamily\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription:  A null pointer dereference existed in\nIOAcceleratorFamily\u0027s handling of resource lists. This issue was\naddressed by removing unneeded code. \nCVE-ID\nCVE-2014-4486 : Ian Beer of Google Project Zero\n\nIOHIDFamily\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription:  A buffer overflow existed in IOHIDFamily. This issue\nwas addressed through improved size validation. \nCVE-ID\nCVE-2014-4487 : TaiG Jailbreak Team\n\nIOHIDFamily\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription:  A validation issue existed in IOHIDFamily\u0027s handling of\nresource queue metadata. This issue was addressed through improved\nvalidation of metadata. \nCVE-ID\nCVE-2014-4488 : Apple\n\nIOHIDFamily\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription:  A null pointer dereference existed in IOHIDFamily\u0027s\nhandling of event queues. This issue was addressed through improved\nvalidation. \nCVE-ID\nCVE-2014-4489 : @beist\n\niTunes Store\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A website may be able to bypass sandbox restrictions using\nthe iTunes Store\nDescription:  An issue existed in the handling of URLs redirected\nfrom Safari to the iTunes Store that could allow a malicious website\nto bypass Safari\u0027s sandbox restrictions. The issue was addressed with\nimproved filtering of URLs opened by the iTunes Store. \nCVE-ID\nCVE-2014-8840 : lokihardt@ASRT working with HP\u0027s Zero Day Initiative\n\nKernel\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Maliciously crafted or compromised iOS applications may be\nable to determine addresses in the kernel\nDescription:  An information disclosure issue existed in the handling\nof APIs related to kernel extensions. Responses containing an\nOSBundleMachOHeaders key may have included kernel addresses, which\nmay aid in bypassing address space layout randomization protection. \nThis issue was addressed by unsliding the addresses before returning\nthem. \nCVE-ID\nCVE-2014-4491 : @PanguTeam, Stefan Esser\n\nKernel\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription:  An issue existed in the kernel shared memory subsystem\nthat allowed an attacker to write to memory that was intended to be\nread-only. This issue was addressed with stricter checking of shared\nmemory permissions. \nCVE-ID\nCVE-2014-4495 : Ian Beer of Google Project Zero\n\nKernel\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Maliciously crafted or compromised iOS applications may be\nable to determine addresses in the kernel\nDescription:  The mach_port_kobject kernel interface leaked kernel\naddresses and heap permutation value, which may aid in bypassing\naddress space layout randomization protection. This was addressed by\ndisabling the mach_port_kobject interface in production\nconfigurations. \nCVE-ID\nCVE-2014-4496 : TaiG Jailbreak Team\n\nlibnetcore\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A malicious, sandboxed app can compromise the networkd\ndaemon\nDescription:  Multiple type confusion issues existed in networkd\u0027s\nhandling of interprocess communication. By sending a maliciously\nformatted message to networkd, it may have been possible to execute\narbitrary code as the networkd process. The issue is addressed\nthrough additional type checking. \nCVE-ID\nCVE-2014-4492 : Ian Beer of Google Project Zero\n\nMobileInstallation\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  A malicious enterprise-signed application may be able to\ntake control of the local container for applications already on a\ndevice\nDescription:  A vulnerability existed in the application installation\nprocess. This was addressed by preventing enterprise applications\nfrom overriding existing applications in specific scenarios. \nCVE-ID\nCVE-2014-4493 : Hui Xue and Tao Wei of FireEye, Inc. \n\nSpringboard\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Enterprise-signed applications may be launched without\nprompting for trust\nDescription:  An issue existed in determining when to prompt for\ntrust when first opening an enterprise-signed application. This issue\nwas addressed through improved code signature validation. \nCVE-ID\nCVE-2014-4494 : Song Jin, Hui Xue, and Tao Wei of FireEye, Inc. \n\nWebKit\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Visiting a website that frames malicious content may lead to\nUI spoofing\nDescription:  A UI spoofing issue existed in the handling of\nscrollbar boundaries. This issue was addressed through improved\nbounds checking. \nCVE-ID\nCVE-2014-4467 : Jordan Milne\n\nWebKit\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Style sheets are loaded cross-origin which may allow for\ndata exfiltration\nDescription:  An SVG loaded in an img element could load a CSS file\ncross-origin. This issue was addressed through enhanced blocking of\nexternal CSS references in SVGs. \nCVE-ID\nCVE-2014-4465 : Rennie deGraaf of iSEC Partners\n\nWebKit\nAvailable for:  iPhone 4s and later,\niPod touch (5th generation) and later, iPad 2 and later\nImpact:  Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  Multiple memory corruption issues existed in WebKit. \nThese issues were addressed through improved memory handling. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. You may manually\nobtain the update via the Check for Updates button within iTunes, or\nthe Software Update on your device. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. \n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.22 (Darwin)\n\niQIcBAEBAgAGBQJUx8umAAoJEBcWfLTuOo7tTskQAI5o4uXj16m90mQhSqUYG35F\npCbUBiLJj4IWcgLsNDKgnhcmX6YOA+q7LnyCuU91K4DLybFZr5/OrxDU4/qCsKQb\n8o6uRHdtfq6zrOrUgv+hKXP36Rf5v/zl/P9JViuJoKZXMQow6DYoTpCaUAUwp23z\nmrF3EwzZyxfT2ICWwPS7r8A9annIprGBZLJz1Yr7Ek90WILTg9RbgnI60IBfpLzn\nBi4ej9FqV2HAy4S9Fad6jyB9E0rAsl6PRMPGKVvOa2o1/mLqiFGR06qyHwJ+ynj8\ntTGcnVhiZVaiur807DY1hb6uB2oLFQXxHFYe3T17l3igM/iminMpWfcq/PmnIIwR\nIASrhc24qgUywOGK6FfVKdoh5KNgb3xK4X7U9YL9/eMwgT48a2qO6lLTfYdFfBCh\nwEzMAFEDpnkwOSw/s5Ry0eCY+p+DU0Kxr3Ter3zkNO0abf2yXjAtu4nHBk3I1t4P\ny8fM8vcWhPDTdfhIWp5Vwcs6sxCGXO1/w6Okuv4LlEDkSJ0Vm2AdhnE0TmhWW0BB\nw7XMGRYdUCYRbGIta1wciD8yR1xeAWGIOL9+tYROfK4jgPgFGNjtkhqMWNxLZwnR\nIEHZ2hYBhf3bWCtEDP5nZBV7jdUUdMxDzDX9AuPp67SXld2By+iMe8AYgu6EVhfY\nCfDJ+b9mxdd8GswiT3OO\n=j9pr\n-----END PGP SIGNATURE-----\n. \nCVE-ID\nCVE-2014-3192 : cloudfuzzer\nCVE-2014-4476 : Apple\nCVE-2014-4477 : lokihardt@ASRT working with HP\u0027s Zero Day\nInitiative\nCVE-2014-4479 : Apple\n\n\nSafari 8.0.3, Safari 7.1.3, and Safari 6.2.3 may be obtained from\nthe Mac App Store. ============================================================================\nUbuntu Security Notice USN-2345-1\nOctober 14, 2014\n\noxide-qt vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in Oxide. \n\nSoftware Description:\n- oxide-qt: Web browser engine library for Qt (QML plugin)\n\nDetails:\n\nMultiple use-after-free issues were discovered in Blink. (CVE-2014-3178, CVE-2014-3190, CVE-2014-3191, CVE-2014-3192)\n\nMultiple security issues were discovered in Chromium. (CVE-2014-3179,\nCVE-2014-3200)\n\nIt was discovered that Chromium did not properly handle the interaction of\nIPC and V8. If a user were tricked in to opening a specially crafted\nwebsite, an attacker could potentially exploit this to execute arbitrary\ncode with the privileges of the user invoking the program. (CVE-2014-3188)\n\nA use-after-free was discovered in the web workers implementation in\nChromium. (CVE-2014-3194)\n\nIt was discovered that V8 did not correctly handle Javascript heap\nallocations in some circumstances. If a user were tricked in to opening a\nspecially crafted website, an attacker could potentially exploit this to\nsteal sensitive information. (CVE-2014-3195)\n\nIt was discovered that Blink did not properly provide substitute data for\npages blocked by the XSS auditor. If a user were tricked in to opening a\nspecially crafter website, an attacker could potentially exploit this to\nsteal sensitive information. (CVE-2014-3197)\n\nIt was discovered that the wrap function for Event\u0027s in the V8 bindings\nin Blink produced an erroneous result in some circumstances. If a user\nwere tricked in to opening a specially crafted website, an attacker could\npotentially exploit this to cause a denial of service by stopping a worker\nprocess that was handling an Event object. (CVE-2014-3199)\n\nMultiple security issues were discovered in V8. (CVE-2014-7967)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 LTS:\n  liboxideqtcore0                 1.2.5-0ubuntu0.14.04.1\n  oxideqt-codecs                  1.2.5-0ubuntu0.14.04.1\n  oxideqt-codecs-extra            1.2.5-0ubuntu0.14.04.1\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n  http://www.ubuntu.com/usn/usn-2345-1\n  CVE-2014-3178, CVE-2014-3179, CVE-2014-3188, CVE-2014-3190,\n  CVE-2014-3191, CVE-2014-3192, CVE-2014-3194, CVE-2014-3195,\n  CVE-2014-3197, CVE-2014-3199, CVE-2014-3200, CVE-2014-7967\n\nPackage Information:\n  https://launchpad.net/ubuntu/+source/oxide-qt/1.2.5-0ubuntu0.14.04.1\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201412-13\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: Chromium: Multiple vulnerabilities\n     Date: December 13, 2014\n     Bugs: #524764, #529858\n       ID: 201412-13\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Chromium, the worst of\nwhich can allow remote attackers to execute arbitrary code. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  www-client/chromium       \u003c 39.0.2171.65         \u003e= 39.0.2171.65\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Chromium. Please\nreview the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Chromium users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot -v \"\u003e=www-client/chromium-39.0.2171.65\"\n\nReferences\n==========\n\n[  1 ] CVE-2014-3188\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3188\n[  2 ] CVE-2014-3189\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3189\n[  3 ] CVE-2014-3190\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3190\n[  4 ] CVE-2014-3191\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3191\n[  5 ] CVE-2014-3192\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3192\n[  6 ] CVE-2014-3193\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3193\n[  7 ] CVE-2014-3194\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3194\n[  8 ] CVE-2014-3195\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3195\n[  9 ] CVE-2014-3197\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3197\n[ 10 ] CVE-2014-3198\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3198\n[ 11 ] CVE-2014-3199\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3199\n[ 12 ] CVE-2014-3200\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3200\n[ 13 ] CVE-2014-7899\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7899\n[ 14 ] CVE-2014-7900\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7900\n[ 15 ] CVE-2014-7901\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7901\n[ 16 ] CVE-2014-7902\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7902\n[ 17 ] CVE-2014-7903\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7903\n[ 18 ] CVE-2014-7904\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7904\n[ 19 ] CVE-2014-7906\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7906\n[ 20 ] CVE-2014-7907\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7907\n[ 21 ] CVE-2014-7908\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7908\n[ 22 ] CVE-2014-7909\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7909\n[ 23 ] CVE-2014-7910\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7910\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201412-13.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-3192"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004575"
          },
          {
            "db": "VULHUB",
            "id": "VHN-71131"
          },
          {
            "db": "PACKETSTORM",
            "id": "132529"
          },
          {
            "db": "PACKETSTORM",
            "id": "135081"
          },
          {
            "db": "PACKETSTORM",
            "id": "130130"
          },
          {
            "db": "PACKETSTORM",
            "id": "130129"
          },
          {
            "db": "PACKETSTORM",
            "id": "130131"
          },
          {
            "db": "PACKETSTORM",
            "id": "128657"
          },
          {
            "db": "PACKETSTORM",
            "id": "129567"
          }
        ],
        "trust": 2.34
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2014-3192",
            "trust": 3.2
          },
          {
            "db": "SECTRACK",
            "id": "1031647",
            "trust": 1.7
          },
          {
            "db": "BID",
            "id": "70273",
            "trust": 1.7
          },
          {
            "db": "JVN",
            "id": "JVNVU96447236",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004575",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-154",
            "trust": 0.7
          },
          {
            "db": "PACKETSTORM",
            "id": "130130",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "132529",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "130129",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "130131",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-71131",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "135081",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "128657",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "129567",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-71131"
          },
          {
            "db": "PACKETSTORM",
            "id": "132529"
          },
          {
            "db": "PACKETSTORM",
            "id": "135081"
          },
          {
            "db": "PACKETSTORM",
            "id": "130130"
          },
          {
            "db": "PACKETSTORM",
            "id": "130129"
          },
          {
            "db": "PACKETSTORM",
            "id": "130131"
          },
          {
            "db": "PACKETSTORM",
            "id": "128657"
          },
          {
            "db": "PACKETSTORM",
            "id": "129567"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-154"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004575"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-3192"
          }
        ]
      },
      "id": "VAR-201410-1217",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-71131"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T23:34:07.569000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "APPLE-SA-2015-01-27-1",
            "trust": 0.8,
            "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html"
          },
          {
            "title": "APPLE-SA-2015-01-27-2",
            "trust": 0.8,
            "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html"
          },
          {
            "title": "APPLE-SA-2015-01-27-3",
            "trust": 0.8,
            "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00002.html"
          },
          {
            "title": "APPLE-SA-2015-06-30-6 iTunes 12.2",
            "trust": 0.8,
            "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html"
          },
          {
            "title": "HT204243",
            "trust": 0.8,
            "url": "http://support.apple.com/en-us/HT204243"
          },
          {
            "title": "HT204949",
            "trust": 0.8,
            "url": "http://support.apple.com/en-us/HT204949"
          },
          {
            "title": "HT204245",
            "trust": 0.8,
            "url": "http://support.apple.com/en-us/HT204245"
          },
          {
            "title": "HT204246",
            "trust": 0.8,
            "url": "http://support.apple.com/en-us/HT204246"
          },
          {
            "title": "HT204246",
            "trust": 0.8,
            "url": "http://support.apple.com/ja-jp/HT204246"
          },
          {
            "title": "HT204243",
            "trust": 0.8,
            "url": "http://support.apple.com/ja-jp/HT204243"
          },
          {
            "title": "HT204949",
            "trust": 0.8,
            "url": "http://support.apple.com/ja-jp/HT204949"
          },
          {
            "title": "HT204245",
            "trust": 0.8,
            "url": "http://support.apple.com/ja-jp/HT204245"
          },
          {
            "title": "Revision 182309",
            "trust": 0.8,
            "url": "https://src.chromium.org/viewvc/blink?revision=182309\u0026view=revision"
          },
          {
            "title": "Stable Channel Update",
            "trust": 0.8,
            "url": "http://googlechromereleases.blogspot.jp/2014/10/stable-channel-update.html"
          },
          {
            "title": "Google Chrome",
            "trust": 0.8,
            "url": "https://www.google.com/intl/ja/chrome/browser/features.html"
          },
          {
            "title": "RHSA-2014:1626",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2014-1626.html"
          },
          {
            "title": "38.0.2125.101_chrome_installer",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=51771"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-154"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004575"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-416",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-Other",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-71131"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004575"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-3192"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2015/jan/msg00000.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2015/jan/msg00001.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2015/jan/msg00002.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2015/jun/msg00006.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/70273"
          },
          {
            "trust": 1.7,
            "url": "http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html"
          },
          {
            "trust": 1.7,
            "url": "http://support.apple.com/ht204243"
          },
          {
            "trust": 1.7,
            "url": "http://support.apple.com/ht204245"
          },
          {
            "trust": 1.7,
            "url": "http://support.apple.com/ht204246"
          },
          {
            "trust": 1.7,
            "url": "https://crbug.com/403276"
          },
          {
            "trust": 1.7,
            "url": "https://support.apple.com/kb/ht204949"
          },
          {
            "trust": 1.7,
            "url": "http://rhn.redhat.com/errata/rhsa-2014-1626.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1031647"
          },
          {
            "trust": 1.6,
            "url": "https://src.chromium.org/viewvc/blink?revision=182309\u0026view=revision"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3192"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu96447236/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3192"
          },
          {
            "trust": 0.7,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3192"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4479"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4476"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4477"
          },
          {
            "trust": 0.4,
            "url": "http://support.apple.com/kb/ht1222"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4471"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4473"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4468"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4475"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4474"
          },
          {
            "trust": 0.4,
            "url": "https://www.apple.com/support/security/pgp/"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4459"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4469"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4472"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4470"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4466"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4465"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1069"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4452"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1070"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1071"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1068"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4485"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4484"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4483"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4491"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4487"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4481"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4488"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4489"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4455"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4480"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4492"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4486"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3188"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3194"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3190"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3199"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3195"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3200"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3197"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3191"
          },
          {
            "trust": 0.1,
            "url": "https://src.chromium.org/viewvc/blink?revision=182309\u0026amp;view=revision"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1073"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1075"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1079"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1076"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1077"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1074"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1072"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1080"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1078"
          },
          {
            "trust": 0.1,
            "url": "http://www.apple.com/itunes/download/"
          },
          {
            "trust": 0.1,
            "url": "http://webkitgtk.org/security.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-6663"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4411"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4413"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4410"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4409"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4414"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1748"
          },
          {
            "trust": 0.1,
            "url": "http://webkitgtk.org/security/wsa-2015-0002.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4412"
          },
          {
            "trust": 0.1,
            "url": "https://www.apple.com/itunes/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4467"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4495"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-7967"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3178"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3179"
          },
          {
            "trust": 0.1,
            "url": "http://www.ubuntu.com/usn/usn-2345-1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/oxide-qt/1.2.5-0ubuntu0.14.04.1"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3189"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-7904"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-7906"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-7900"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-201412-13.xml"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3191"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-7908"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3192"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3190"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-7900"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3200"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-7902"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-7902"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-7910"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-7904"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3198"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-7907"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-7899"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3199"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3198"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-7907"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3193"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-7899"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-7903"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3188"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-7906"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3195"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-7910"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3193"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-7901"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3197"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3194"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-7908"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-7909"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-7909"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-3189"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-7903"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-7901"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-71131"
          },
          {
            "db": "PACKETSTORM",
            "id": "132529"
          },
          {
            "db": "PACKETSTORM",
            "id": "135081"
          },
          {
            "db": "PACKETSTORM",
            "id": "130130"
          },
          {
            "db": "PACKETSTORM",
            "id": "130129"
          },
          {
            "db": "PACKETSTORM",
            "id": "130131"
          },
          {
            "db": "PACKETSTORM",
            "id": "128657"
          },
          {
            "db": "PACKETSTORM",
            "id": "129567"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-154"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004575"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-3192"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-71131",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "132529",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "135081",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "130130",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "130129",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "130131",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "128657",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "129567",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-154",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004575",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2014-3192",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2014-10-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-71131",
            "ident": null
          },
          {
            "date": "2015-07-02T11:08:22",
            "db": "PACKETSTORM",
            "id": "132529",
            "ident": null
          },
          {
            "date": "2015-12-28T22:22:22",
            "db": "PACKETSTORM",
            "id": "135081",
            "ident": null
          },
          {
            "date": "2015-01-28T00:30:44",
            "db": "PACKETSTORM",
            "id": "130130",
            "ident": null
          },
          {
            "date": "2015-01-28T00:28:03",
            "db": "PACKETSTORM",
            "id": "130129",
            "ident": null
          },
          {
            "date": "2015-01-28T00:34:49",
            "db": "PACKETSTORM",
            "id": "130131",
            "ident": null
          },
          {
            "date": "2014-10-14T23:03:50",
            "db": "PACKETSTORM",
            "id": "128657",
            "ident": null
          },
          {
            "date": "2014-12-15T20:04:05",
            "db": "PACKETSTORM",
            "id": "129567",
            "ident": null
          },
          {
            "date": "2014-10-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201410-154",
            "ident": null
          },
          {
            "date": "2014-10-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-004575",
            "ident": null
          },
          {
            "date": "2014-10-08T10:55:06.457000",
            "db": "NVD",
            "id": "CVE-2014-3192",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2019-03-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-71131",
            "ident": null
          },
          {
            "date": "2019-03-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201410-154",
            "ident": null
          },
          {
            "date": "2015-07-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-004575",
            "ident": null
          },
          {
            "date": "2025-04-12T10:46:40.837000",
            "db": "NVD",
            "id": "CVE-2014-3192",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "129567"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-154"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "_id": null,
        "data": "Google Chrome Used in  Blink of  DOM Service disruption in implementations  (DoS) Vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004575"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-154"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201205-0016

    Vulnerability from variot - Updated: 2026-04-10 23:30

    The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets. ( Network failure ) May be left in a state or network sessions may be taken away. The NFSv4 implementation is one of the distributed file system protocols. Attackers with physical access to a system's USB ports could obtain elevated privileges using a specially crafted USB device.

    CVE-2011-0712

    Rafael Dominguez Vega of MWR InfoSecurity reported an issue in the caiaq
    module, a USB driver for Native Instruments USB audio devices. Attackers
    with physical access to a system's USB ports could obtain elevated
    privileges using a specially crafted USB device.
    

    CVE-2011-2213

    Dan Rosenberg discovered an issue in the INET socket monitoring interface. Updates for the hppa and ia64 architectures will
    

    be included in the upcoming 5.0.9 point release. However, given the high frequency at which low-severity security issues are discovered in the kernel and the resource requirements of doing an update, updates for lower priority issues will normally not be released for all kernels at the same time. Rather, they will be released in a staggered or "leap-frog" fashion. Note: To correct this issue, the RHSA-2011:1241 ecryptfs-utils update must also be installed. (CVE-2011-2496, Moderate)

    • GRO (Generic Receive Offload) fields could be left in an inconsistent state. GRO is enabled by default in all network drivers that support it. (CVE-2011-2723, Moderate)

    • RHSA-2011:1065 introduced a regression in the Ethernet bridge implementation. Xen hypervisor and KVM (Kernel-based Virtual Machine) hosts often deploy bridge interfaces. (CVE-2011-2942, Moderate)

    • A flaw in the Xen hypervisor IOMMU error handling implementation could allow a privileged guest user, within a guest operating system that has direct control of a PCI device, to cause performance degradation on the host and possibly cause it to hang. The Ubuntu Security Team acknowledges Vasiliy Kulikov of Openwall and Dan Rosenberg as the original reporters of CVE-2011-1833. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2011:1465-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1465.html Issue date: 2011-11-22 CVE Names: CVE-2011-1162 CVE-2011-1577 CVE-2011-2494 CVE-2011-2699 CVE-2011-2905 CVE-2011-3188 CVE-2011-3191 CVE-2011-3353 CVE-2011-3359 CVE-2011-3363 CVE-2011-3593 CVE-2011-4326 =====================================================================

    1. Summary:

    Updated kernel packages that fix multiple security issues and various bugs are now available for Red Hat Enterprise Linux 6.

    The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64

    1. Description:

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    This update fixes the following security issues:

    • IPv6 fragment identification value generation could allow a remote attacker to disrupt a target system's networking, preventing legitimate users from accessing its services. (CVE-2011-2699, Important)

    • A signedness issue was found in the Linux kernel's CIFS (Common Internet File System) implementation. A malicious CIFS server could send a specially-crafted response to a directory read request that would result in a denial of service or privilege escalation on a system that has a CIFS share mounted. (CVE-2011-3191, Important)

    • A flaw was found in the way the Linux kernel handled fragmented IPv6 UDP datagrams over the bridge with UDP Fragmentation Offload (UFO) functionality on. A remote attacker could use this flaw to cause a denial of service. (CVE-2011-4326, Important)

    • The way IPv4 and IPv6 protocol sequence numbers and fragment IDs were generated could allow a man-in-the-middle attacker to inject packets and possibly hijack connections. Protocol sequence numbers and fragment IDs are now more random. (CVE-2011-3188, Moderate)

    • A buffer overflow flaw was found in the Linux kernel's FUSE (Filesystem in Userspace) implementation. A local user in the fuse group who has access to mount a FUSE file system could use this flaw to cause a denial of service. (CVE-2011-3353, Moderate)

    • A flaw was found in the b43 driver in the Linux kernel. If a system had an active wireless interface that uses the b43 driver, an attacker able to send a specially-crafted frame to that interface could cause a denial of service. (CVE-2011-3359, Moderate)

    • A flaw was found in the way CIFS shares with DFS referrals at their root were handled. An attacker on the local network who is able to deploy a malicious CIFS server could create a CIFS network share that, when mounted, would cause the client system to crash. (CVE-2011-3363, Moderate)

    • A flaw was found in the way the Linux kernel handled VLAN 0 frames with the priority tag set. When using certain network drivers, an attacker on the local network could use this flaw to cause a denial of service. (CVE-2011-3593, Moderate)

    • A flaw in the way memory containing security-related data was handled in tpm_read() could allow a local, unprivileged user to read the results of a previously run TPM command. (CVE-2011-1162, Low)

    • A heap overflow flaw was found in the Linux kernel's EFI GUID Partition Table (GPT) implementation. A local attacker could use this flaw to cause a denial of service by mounting a disk that contains specially-crafted partition tables. (CVE-2011-1577, Low)

    • The I/O statistics from the taskstats subsystem could be read without any restrictions. A local, unprivileged user could use this flaw to gather confidential information, such as the length of a password used in a process. (CVE-2011-2494, Low)

    • It was found that the perf tool, a part of the Linux kernel's Performance Events implementation, could load its configuration file from the current working directory. If a local user with access to the perf tool were tricked into running perf in a directory that contains a specially-crafted configuration file, it could cause perf to overwrite arbitrary files and directories accessible to that user. (CVE-2011-2905, Low)

    Red Hat would like to thank Fernando Gont for reporting CVE-2011-2699; Darren Lavender for reporting CVE-2011-3191; Dan Kaminsky for reporting CVE-2011-3188; Yogesh Sharma for reporting CVE-2011-3363; Gideon Naim for reporting CVE-2011-3593; Peter Huewe for reporting CVE-2011-1162; Timo Warns for reporting CVE-2011-1577; and Vasiliy Kulikov of Openwall for reporting CVE-2011-2494.

    This update also fixes various bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section.

    1. Solution:

    Users should upgrade to these updated packages, which contain backported patches to correct these issues, and fix the bugs noted in the Technical Notes. The system must be rebooted for this update to take effect.

    Before applying this update, make sure all previously-released errata relevant to your system have been applied.

    This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259

    To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.

    1. Bugs fixed (http://bugzilla.redhat.com/):

    695976 - CVE-2011-1577 kernel: corrupted GUID partition tables can cause kernel oops 716842 - CVE-2011-2494 kernel: taskstats io infoleak 723429 - CVE-2011-2699 kernel: ipv6: make fragment identifications less predictable 729808 - CVE-2011-2905 kernel: perf tools: may parse user-controlled configuration file 732629 - CVE-2011-1162 kernel: tpm: infoleak 732658 - CVE-2011-3188 kernel: net: improve sequence number generation 732869 - CVE-2011-3191 kernel: cifs: signedness issue in CIFSFindNext() 736761 - CVE-2011-3353 kernel: fuse: check size of FUSE_NOTIFY_INVAL_ENTRY message 738202 - CVE-2011-3359 kernel: b43: allocate receive buffers big enough for max frame len + offset 738291 - CVE-2011-3363 kernel: cifs: always do is_path_accessible check in cifs_mount 740352 - make guest mode entry to be rcu quiescent state [rhel-6.1.z] 741166 - enclosure fix [rhel-6.1.z] 742846 - CVE-2011-3593 kernel: vlan: fix panic when handling priority tagged frames 743807 - igb: failed to activate WOL on 2nd LAN port on i350 [rhel-6.1.z] 744811 - Non-responsive scsi target leads to excessive scsi recovery and dm-mp failover time [rhel-6.1.z] 748808 - Host got crash when guest running netperf client with UDP_STREAM protocol with IPV6 [rhel-6.1.z] 755584 - CVE-2011-4326 kernel: wrong headroom check in udp6_ufo_fragment()

    1. Package List:

    Red Hat Enterprise Linux Desktop (v. 6):

    Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/kernel-2.6.32-131.21.1.el6.src.rpm

    i386: kernel-2.6.32-131.21.1.el6.i686.rpm kernel-debug-2.6.32-131.21.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-131.21.1.el6.i686.rpm kernel-debug-devel-2.6.32-131.21.1.el6.i686.rpm kernel-debuginfo-2.6.32-131.21.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-131.21.1.el6.i686.rpm kernel-devel-2.6.32-131.21.1.el6.i686.rpm kernel-headers-2.6.32-131.21.1.el6.i686.rpm perf-2.6.32-131.21.1.el6.i686.rpm perf-debuginfo-2.6.32-131.21.1.el6.i686.rpm

    noarch: kernel-doc-2.6.32-131.21.1.el6.noarch.rpm kernel-firmware-2.6.32-131.21.1.el6.noarch.rpm

    x86_64: kernel-2.6.32-131.21.1.el6.x86_64.rpm kernel-debug-2.6.32-131.21.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-131.21.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-131.21.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-131.21.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-131.21.1.el6.x86_64.rpm kernel-devel-2.6.32-131.21.1.el6.x86_64.rpm kernel-headers-2.6.32-131.21.1.el6.x86_64.rpm perf-2.6.32-131.21.1.el6.x86_64.rpm perf-debuginfo-2.6.32-131.21.1.el6.x86_64.rpm

    Red Hat Enterprise Linux HPC Node (v. 6):

    Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/kernel-2.6.32-131.21.1.el6.src.rpm

    noarch: kernel-doc-2.6.32-131.21.1.el6.noarch.rpm kernel-firmware-2.6.32-131.21.1.el6.noarch.rpm

    x86_64: kernel-2.6.32-131.21.1.el6.x86_64.rpm kernel-debug-2.6.32-131.21.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-131.21.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-131.21.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-131.21.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-131.21.1.el6.x86_64.rpm kernel-devel-2.6.32-131.21.1.el6.x86_64.rpm kernel-headers-2.6.32-131.21.1.el6.x86_64.rpm perf-2.6.32-131.21.1.el6.x86_64.rpm perf-debuginfo-2.6.32-131.21.1.el6.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 6):

    Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/kernel-2.6.32-131.21.1.el6.src.rpm

    i386: kernel-2.6.32-131.21.1.el6.i686.rpm kernel-debug-2.6.32-131.21.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-131.21.1.el6.i686.rpm kernel-debug-devel-2.6.32-131.21.1.el6.i686.rpm kernel-debuginfo-2.6.32-131.21.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-131.21.1.el6.i686.rpm kernel-devel-2.6.32-131.21.1.el6.i686.rpm kernel-headers-2.6.32-131.21.1.el6.i686.rpm perf-2.6.32-131.21.1.el6.i686.rpm perf-debuginfo-2.6.32-131.21.1.el6.i686.rpm

    noarch: kernel-doc-2.6.32-131.21.1.el6.noarch.rpm kernel-firmware-2.6.32-131.21.1.el6.noarch.rpm

    ppc64: kernel-2.6.32-131.21.1.el6.ppc64.rpm kernel-bootwrapper-2.6.32-131.21.1.el6.ppc64.rpm kernel-debug-2.6.32-131.21.1.el6.ppc64.rpm kernel-debug-debuginfo-2.6.32-131.21.1.el6.ppc64.rpm kernel-debug-devel-2.6.32-131.21.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-131.21.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-131.21.1.el6.ppc64.rpm kernel-devel-2.6.32-131.21.1.el6.ppc64.rpm kernel-headers-2.6.32-131.21.1.el6.ppc64.rpm perf-2.6.32-131.21.1.el6.ppc64.rpm perf-debuginfo-2.6.32-131.21.1.el6.ppc64.rpm

    s390x: kernel-2.6.32-131.21.1.el6.s390x.rpm kernel-debug-2.6.32-131.21.1.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-131.21.1.el6.s390x.rpm kernel-debug-devel-2.6.32-131.21.1.el6.s390x.rpm kernel-debuginfo-2.6.32-131.21.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-131.21.1.el6.s390x.rpm kernel-devel-2.6.32-131.21.1.el6.s390x.rpm kernel-headers-2.6.32-131.21.1.el6.s390x.rpm kernel-kdump-2.6.32-131.21.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-131.21.1.el6.s390x.rpm kernel-kdump-devel-2.6.32-131.21.1.el6.s390x.rpm perf-2.6.32-131.21.1.el6.s390x.rpm perf-debuginfo-2.6.32-131.21.1.el6.s390x.rpm

    x86_64: kernel-2.6.32-131.21.1.el6.x86_64.rpm kernel-debug-2.6.32-131.21.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-131.21.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-131.21.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-131.21.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-131.21.1.el6.x86_64.rpm kernel-devel-2.6.32-131.21.1.el6.x86_64.rpm kernel-headers-2.6.32-131.21.1.el6.x86_64.rpm perf-2.6.32-131.21.1.el6.x86_64.rpm perf-debuginfo-2.6.32-131.21.1.el6.x86_64.rpm

    Red Hat Enterprise Linux Workstation (v. 6):

    Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/kernel-2.6.32-131.21.1.el6.src.rpm

    i386: kernel-2.6.32-131.21.1.el6.i686.rpm kernel-debug-2.6.32-131.21.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-131.21.1.el6.i686.rpm kernel-debug-devel-2.6.32-131.21.1.el6.i686.rpm kernel-debuginfo-2.6.32-131.21.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-131.21.1.el6.i686.rpm kernel-devel-2.6.32-131.21.1.el6.i686.rpm kernel-headers-2.6.32-131.21.1.el6.i686.rpm perf-2.6.32-131.21.1.el6.i686.rpm perf-debuginfo-2.6.32-131.21.1.el6.i686.rpm

    noarch: kernel-doc-2.6.32-131.21.1.el6.noarch.rpm kernel-firmware-2.6.32-131.21.1.el6.noarch.rpm

    x86_64: kernel-2.6.32-131.21.1.el6.x86_64.rpm kernel-debug-2.6.32-131.21.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-131.21.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-131.21.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-131.21.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-131.21.1.el6.x86_64.rpm kernel-devel-2.6.32-131.21.1.el6.x86_64.rpm kernel-headers-2.6.32-131.21.1.el6.x86_64.rpm perf-2.6.32-131.21.1.el6.x86_64.rpm perf-debuginfo-2.6.32-131.21.1.el6.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

    1. References:

    https://www.redhat.com/security/data/cve/CVE-2011-1162.html https://www.redhat.com/security/data/cve/CVE-2011-1577.html https://www.redhat.com/security/data/cve/CVE-2011-2494.html https://www.redhat.com/security/data/cve/CVE-2011-2699.html https://www.redhat.com/security/data/cve/CVE-2011-2905.html https://www.redhat.com/security/data/cve/CVE-2011-3188.html https://www.redhat.com/security/data/cve/CVE-2011-3191.html https://www.redhat.com/security/data/cve/CVE-2011-3353.html https://www.redhat.com/security/data/cve/CVE-2011-3359.html https://www.redhat.com/security/data/cve/CVE-2011-3363.html https://www.redhat.com/security/data/cve/CVE-2011-3593.html https://www.redhat.com/security/data/cve/CVE-2011-4326.html https://access.redhat.com/security/updates/classification/#important https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/6.1_Technical_Notes/kernel.html#RHSA-2011-1465

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)

    iD8DBQFOy9KxXlSAg2UNWIIRApHRAKCrfJt7aIrWnGPf3TwUZKtul/8YUgCgtpZE l5BuL6rArAsWl76KlBJjWFw= =0G9b -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .

    The text of the original advisory is reproduced for reference:

    Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems:

    CVE-2011-1020

    Kees Cook discovered an issue in the /proc filesystem that allows local
    users to gain access to sensitive process information after execution of a
    setuid binary.
    

    CVE-2011-1576

    Ryan Sweat discovered an issue in the VLAN implementation.
    

    CVE-2011-2484

    Vasiliy Kulikov of Openwall discovered that the number of exit handlers that
    a process can register is not capped, resulting in local denial of service
    through resource exhaustion (cpu time and memory).
    

    CVE-2011-2491

    Vasily Averin discovered an issue with the NFS locking implementation.  A
    malicious NFS server can cause a client to hang indefinitely in an unlock
    call.
    

    CVE-2011-2492

    Marek Kroemeke and Filip Palian discovered that uninitialized struct
    elements in the Bluetooth subsystem could lead to a leak of sensitive kernel
    memory through leaked stack memory.
    

    CVE-2011-2497

    Dan Rosenberg discovered an integer underflow in the Bluetooth subsystem,
    which could lead to denial of service or privilege escalation.
    

    CVE-2011-2517

    It was discovered that the netlink-based wireless configuration interface
    performed insufficient length validation when parsing SSIDs, resulting in
    buffer overflows.
    

    CVE-2011-2525

    Ben Pfaff reported an issue in the network scheduling code.
    

    CVE-2011-2700

    Mauro Carvalho Chehab of Red Hat reported a buffer overflow issue in the
    driver for the Si4713 FM Radio Transmitter driver used by N900 devices.
    

    CVE-2011-2909

    Vasiliy Kulikov of Openwall discovered that a programming error in
    the Comedi driver could lead to the information disclosure through 
    leaked stack memory.
    

    CVE-2011-2918

    Vince Weaver discovered that incorrect handling of software event overflows
    in the 'perf' analysis tool could lead to local denial of service.
    

    CVE-2011-2928

    Timo Warns discovered that insufficient validation of Be filesystem images
    could lead to local denial of service if a malformed filesystem image is
    mounted.
    

    CVE-2011-3188

    Dan Kaminsky reported a weakness of the sequence number generation in the
    TCP protocol implementation. This can be used by remote attackers to inject
    packets into an active session.
    

    This update also includes a fix for a regression introduced with the previous security fix for CVE-2011-1768 (Debian: #633738)

    For the stable distribution (squeeze), this problem has been fixed in version 2.6.32-35squeeze2. Updates for issues impacting the oldstable distribution (lenny) will be available soon.

    The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update:

                                             Debian 6.0 (squeeze)
     user-mode-linux                         2.6.32-1um-4+35squeeze2
    

    We recommend that you upgrade your linux-2.6 and user-mode-linux packages. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . Relevant releases/architectures:

    MRG Realtime for RHEL 6 Server v.2 - noarch, x86_64

    This update also fixes the following bugs:

    • Previously, a mismatch in the build-id of the kernel-rt and the one in the related debuginfo package caused failures in SystemTap and perf. (BZ#768413)

    • IBM x3650m3 systems were not able to boot the MRG Realtime kernel because they require a pmcraid driver that was not available.

    Software Description: - linux-mvl-dove: Linux kernel for DOVE

    Details:

    Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. (CVE-2011-1833)

    Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. (CVE-2011-2494)

    Vasiliy Kulikov discovered that /proc/PID/io did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. (CVE-2011-2497)

    It was discovered that the EXT4 filesystem contained multiple off-by-one flaws. (CVE-2011-2695)

    Fernando Gont discovered that the IPv6 stack used predictable fragment identification numbers. (CVE-2011-2905)

    Time Warns discovered that long symlinks were incorrectly handled on Be filesystems. A remote attacker with a malicious server could exploit this to crash the system or possibly execute arbitrary code as the root user. (CVE-2011-3191)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 10.10: linux-image-2.6.32-419-dove 2.6.32-419.37

    After a standard system update you need to reboot your computer to make all the necessary changes.

    ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "kernel",
            "scope": "lt",
            "trust": 1.8,
            "vendor": "linux",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "big-ip application security manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "11.1.0"
          },
          {
            "_id": null,
            "model": "big-ip global traffic manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "11.0.0"
          },
          {
            "_id": null,
            "model": "big-ip access policy manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "11.0.0"
          },
          {
            "_id": null,
            "model": "big-ip link controller",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "10.0.0"
          },
          {
            "_id": null,
            "model": "big-ip protocol security module",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "10.0.0"
          },
          {
            "_id": null,
            "model": "big-ip analytics",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "11.1.0"
          },
          {
            "_id": null,
            "model": "big-ip link controller",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "11.0.0"
          },
          {
            "_id": null,
            "model": "firepass",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "6.0.0"
          },
          {
            "_id": null,
            "model": "big-ip global traffic manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "10.0.0"
          },
          {
            "_id": null,
            "model": "big-ip analytics",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "11.0.0"
          },
          {
            "_id": null,
            "model": "big-ip global traffic manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "11.1.0"
          },
          {
            "_id": null,
            "model": "big-ip edge gateway",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "11.1.0"
          },
          {
            "_id": null,
            "model": "enterprise manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "2.3.0"
          },
          {
            "_id": null,
            "model": "big-ip link controller",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "11.1.0"
          },
          {
            "_id": null,
            "model": "big-ip edge gateway",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "10.1.0"
          },
          {
            "_id": null,
            "model": "big-ip protocol security module",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "11.1.0"
          },
          {
            "_id": null,
            "model": "big-ip wan optimization manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "10.2.4"
          },
          {
            "_id": null,
            "model": "big-ip webaccelerator",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "10.2.4"
          },
          {
            "_id": null,
            "model": "big-ip access policy manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "11.1.0"
          },
          {
            "_id": null,
            "model": "big-ip access policy manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "10.1.0"
          },
          {
            "_id": null,
            "model": "big-ip local traffic manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "10.2.4"
          },
          {
            "_id": null,
            "model": "firepass",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "7.0.0"
          },
          {
            "_id": null,
            "model": "arx",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "6.0.0"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "big-ip application security manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "10.2.4"
          },
          {
            "_id": null,
            "model": "enterprise manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "3.0.0"
          },
          {
            "_id": null,
            "model": "arx",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "6.4.0"
          },
          {
            "_id": null,
            "model": "big-ip wan optimization manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "11.0.0"
          },
          {
            "_id": null,
            "model": "big-ip webaccelerator",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "11.0.0"
          },
          {
            "_id": null,
            "model": "big-ip local traffic manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "11.0.0"
          },
          {
            "_id": null,
            "model": "big-ip global traffic manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "10.2.4"
          },
          {
            "_id": null,
            "model": "enterprise manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "2.1.0"
          },
          {
            "_id": null,
            "model": "big-ip edge gateway",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "10.2.4"
          },
          {
            "_id": null,
            "model": "big-ip wan optimization manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "11.1.0"
          },
          {
            "_id": null,
            "model": "big-ip application security manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "11.0.0"
          },
          {
            "_id": null,
            "model": "big-ip wan optimization manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "10.0.0"
          },
          {
            "_id": null,
            "model": "big-ip link controller",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "10.2.4"
          },
          {
            "_id": null,
            "model": "big-ip webaccelerator",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "10.0.0"
          },
          {
            "_id": null,
            "model": "firepass",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "6.1.0"
          },
          {
            "_id": null,
            "model": "big-ip local traffic manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "10.0.0"
          },
          {
            "_id": null,
            "model": "big-ip protocol security module",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "10.2.4"
          },
          {
            "_id": null,
            "model": "big-ip webaccelerator",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "11.1.0"
          },
          {
            "_id": null,
            "model": "big-ip access policy manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "10.2.4"
          },
          {
            "_id": null,
            "model": "big-ip application security manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "10.0.0"
          },
          {
            "_id": null,
            "model": "big-ip edge gateway",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "11.0.0"
          },
          {
            "_id": null,
            "model": "big-ip local traffic manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "11.1.0"
          },
          {
            "_id": null,
            "model": "big-ip protocol security module",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "11.0.0"
          },
          {
            "_id": null,
            "model": "esx",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "vmware",
            "version": "3.5"
          },
          {
            "_id": null,
            "model": "esx",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "vmware",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "esx",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "vmware",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "esxi",
            "scope": null,
            "trust": 0.8,
            "vendor": "vmware",
            "version": null
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.7,
            "vendor": "linux",
            "version": "1.2.0"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.7,
            "vendor": "linux",
            "version": "1.3.0"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.7,
            "vendor": "linux",
            "version": "2.2.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.7,
            "vendor": "linux",
            "version": "2.2.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.7,
            "vendor": "linux",
            "version": "2.2.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.7,
            "vendor": "linux",
            "version": "2.3.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.7,
            "vendor": "linux",
            "version": "2.3.10"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.7,
            "vendor": "linux",
            "version": "2.3.11"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.7,
            "vendor": "linux",
            "version": "2.3.12"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.7,
            "vendor": "linux",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.7"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.10"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.11"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.12"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.13"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.14"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.15"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.16"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.17"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.18"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.19"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.20"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.21"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.22"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.23"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.24"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.25"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.26"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.27"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.28"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.29"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.30"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.31"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.32"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.33"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.34"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.35"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.36"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.37"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.38"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.0.39"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.1.89"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.1.132"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.2.0"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.2.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.2.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.2.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.2.7"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.2.8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.2.9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.2.10"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.2.11"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.2.12"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.2.13"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.2.14"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.2.15"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.2.16"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.2.17"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.2.18"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.2.19"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.2.20"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.2.21"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.2.22"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.2.23"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.2.24"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.2.25"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.2.26"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.2.27"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.0"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.7"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.13"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.14"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.15"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.16"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.17"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.18"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.19"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.20"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.21"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.22"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.23"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.24"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.25"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.26"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.27"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.28"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.29"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.30"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.31"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.32"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.33"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.34"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.35"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.36"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.37"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.38"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.39"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.40"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.41"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.42"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.43"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.44"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.45"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.46"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.47"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.48"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.49"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.50"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.51"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.3.99"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.0"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.7"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.10"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.11"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.12"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.13"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.14"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.15"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.16"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.17"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.18"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.19"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.20"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.21"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.22"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.23"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.24"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.25"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.26"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.27"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.28"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.29"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.30"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.31"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.32"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.33"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.33.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.33.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.33.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.33.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.34"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.34.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.34.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.35"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.4.35.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.0"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.7"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.10"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.11"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.12"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.13"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.14"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.15"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.16"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.17"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.18"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.19"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.20"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.21"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.22"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.23"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.24"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.25"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.26"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.27"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.28"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.29"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.30"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.31"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.32"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.33"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.34"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.35"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.36"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.37"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.38"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.39"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.40"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.41"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.42"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.43"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.44"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.45"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.46"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.47"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.48"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.49"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.50"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.51"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.52"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.53"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.54"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.55"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.56"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.57"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.58"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.59"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.60"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.61"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.62"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.63"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.64"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.65"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.66"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.67"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.68"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.5.69"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.0"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.7"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.8.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.10"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.11"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.11.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.11.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.11.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.11.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.11.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.11.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.11.7"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.11.8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.11.9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.11.10"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.11.11"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.11.12"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.12"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.12.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.12.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.12.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.12.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.12.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.12.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.13"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.13.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.13.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.13.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.13.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.13.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.14"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.14.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.14.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.14.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.14.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.14.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.14.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.14.7"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.15"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.15.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.15.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.15.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.15.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.15.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.15.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.15.7"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.15.8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.15.9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.15.10"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.15.11"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.7"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.10"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.11"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.12"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.13"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.14"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.15"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.16"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.17"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.18"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.19"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.20"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.21"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.22"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.23"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.24"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.25"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.26"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.27"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.28"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.29"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.30"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.31"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.32"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.33"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.34"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.35"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.36"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.37"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.38"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.39"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.40"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.41"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.42"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.43"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.44"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.45"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.46"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.47"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.48"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.49"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.50"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.51"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.52"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.53"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.54"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.55"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.56"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.57"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.58"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.59"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.60"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.61"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.16.62"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.17"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.17.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.17.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.17.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.17.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.17.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.17.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.17.7"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.17.8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.17.9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.17.10"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.17.11"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.17.12"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.17.13"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.17.14"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.18"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.18.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.18.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.18.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.18.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.18.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.18.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.18.7"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.18.8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.19"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.19.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.19.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.19.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.19.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.19.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.19.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.19.7"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.20"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.20.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.20.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.20.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.20.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.20.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.20.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.20.7"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.20.8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.20.9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.20.10"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.20.11"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.20.12"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.20.13"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.20.14"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.20.15"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.20.16"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.20.17"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.20.18"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.20.19"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.20.20"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.20.21"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.21"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.21.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.21.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.21.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.21.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.21.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.21.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.21.7"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.22"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.22.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.22.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.22.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.22.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.22.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.22.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.22.7"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.22.8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.22.10"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.22.11"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.22.12"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.22.13"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.22.14"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.22.15"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.22.16"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.22.17"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.22.18"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.22.19"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.22.20"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.7"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.41"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.42"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.43"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.44"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.45"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.46"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.47"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.48"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.49"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.50"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.51"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.52"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.53"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.54"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.55"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.56"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.57"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.58"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.59"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.60"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.61"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.27.62"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.28"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.28.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.28.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.28.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.28.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.28.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.28.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.28.7"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.28.8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.28.9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.28.10"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.29"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.29.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.29.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.29.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.29.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.29.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.29.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.4"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.7"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.10"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.11"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.12"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.13"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.14"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.15"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.16"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.17"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.18"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.28"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.29"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.30"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.31"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.32"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.33"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.34"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.35"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.36"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.37"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.38"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.39"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.40"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.41"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.42"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.43"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.44"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.45"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.46"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.47"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.48"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.49"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.50"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.51"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.52"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.53"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.54"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.55"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.56"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.57"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.32.58"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.33.8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.33.9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.33.10"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.33.11"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.33.12"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.33.13"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.33.14"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.33.15"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.33.16"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.33.17"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.33.18"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.33.19"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.33.20"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.34.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.34.2"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.34.3"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.34.8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.34.9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.34.10"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.35.1"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.35.10"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.35.11"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.35.12"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.35.13"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.37"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.38"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "2.6.39"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "3.0.5"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "3.0.6"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "3.0.7"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "3.0.8"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "3.0.9"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "3.0.10"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "3.0.11"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "3.0.12"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "3.0.13"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "3.0.14"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "3.0.15"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "3.0.16"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "3.0.17"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "3.0.18"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "3.0.19"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "3.0.20"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "3.0.21"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "3.0.22"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "3.0.23"
          },
          {
            "_id": null,
            "model": "kernel",
            "scope": "eq",
            "trust": 0.1,
            "vendor": "linux",
            "version": "3.0.24"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2011-3188"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-429"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002543"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-3188"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:linux:linux_kernel",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:vmware:esx",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:vmware:esxi",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002543"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Dan Kaminsky",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-429"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2011-3188",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.4,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2011-3188",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 7.8,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2011-3188",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.4,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-51133",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULMON",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2011-3188",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "MEDIUM",
                "trust": 0.1,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2011-3188",
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
                "version": "3.1"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2011-3188",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2011-3188",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201108-429",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-51133",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2011-3188",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-51133"
          },
          {
            "db": "VULMON",
            "id": "CVE-2011-3188"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-429"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002543"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-3188"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets. ( Network failure ) May be left in a state or network sessions may be taken away. The NFSv4 implementation is one of the distributed file system protocols.  Attackers\n    with physical access to a system\u0027s USB ports could obtain elevated\n    privileges using a specially crafted USB device. \n\nCVE-2011-0712\n\n    Rafael Dominguez Vega of MWR InfoSecurity reported an issue in the caiaq\n    module, a USB driver for Native Instruments USB audio devices. Attackers\n    with physical access to a system\u0027s USB ports could obtain elevated\n    privileges using a specially crafted USB device. \n\nCVE-2011-2213\n\n    Dan Rosenberg discovered an issue in the INET socket monitoring interface. Updates for the hppa and ia64 architectures will\nbe included in the upcoming 5.0.9 point release. \nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, updates for lower priority issues will normally not\nbe released for all kernels at the same time. Rather, they will be\nreleased in a staggered or \"leap-frog\" fashion. Note: To\ncorrect this issue, the RHSA-2011:1241 ecryptfs-utils update must also be\ninstalled. (CVE-2011-2496, Moderate)\n\n* GRO (Generic Receive Offload) fields could be left in an inconsistent\nstate. GRO is enabled by default in all network drivers that\nsupport it. (CVE-2011-2723, Moderate)\n\n* RHSA-2011:1065 introduced a regression in the Ethernet bridge\nimplementation. Xen hypervisor and KVM (Kernel-based\nVirtual Machine) hosts often deploy bridge interfaces. (CVE-2011-2942,\nModerate)\n\n* A flaw in the Xen hypervisor IOMMU error handling implementation could\nallow a privileged guest user, within a guest operating system that has\ndirect control of a PCI device, to cause performance degradation on the\nhost and possibly cause it to hang. The Ubuntu Security Team acknowledges\nVasiliy Kulikov of Openwall and Dan Rosenberg as the original reporters of\nCVE-2011-1833. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Important: kernel security and bug fix update\nAdvisory ID:       RHSA-2011:1465-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2011-1465.html\nIssue date:        2011-11-22\nCVE Names:         CVE-2011-1162 CVE-2011-1577 CVE-2011-2494 \n                   CVE-2011-2699 CVE-2011-2905 CVE-2011-3188 \n                   CVE-2011-3191 CVE-2011-3353 CVE-2011-3359 \n                   CVE-2011-3363 CVE-2011-3593 CVE-2011-4326 \n=====================================================================\n\n1. Summary:\n\nUpdated kernel packages that fix multiple security issues and various bugs\nare now available for Red Hat Enterprise Linux 6. \n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nThis update fixes the following security issues:\n\n* IPv6 fragment identification value generation could allow a remote\nattacker to disrupt a target system\u0027s networking, preventing legitimate\nusers from accessing its services. (CVE-2011-2699, Important)\n\n* A signedness issue was found in the Linux kernel\u0027s CIFS (Common Internet\nFile System) implementation. A malicious CIFS server could send a\nspecially-crafted response to a directory read request that would result in\na denial of service or privilege escalation on a system that has a CIFS\nshare mounted. (CVE-2011-3191, Important)\n\n* A flaw was found in the way the Linux kernel handled fragmented IPv6 UDP\ndatagrams over the bridge with UDP Fragmentation Offload (UFO)\nfunctionality on. A remote attacker could use this flaw to cause a denial\nof service. (CVE-2011-4326, Important)\n\n* The way IPv4 and IPv6 protocol sequence numbers and fragment IDs were\ngenerated could allow a man-in-the-middle attacker to inject packets and\npossibly hijack connections. Protocol sequence numbers and fragment IDs are\nnow more random. (CVE-2011-3188, Moderate)\n\n* A buffer overflow flaw was found in the Linux kernel\u0027s FUSE (Filesystem\nin Userspace) implementation. A local user in the fuse group who has access\nto mount a FUSE file system could use this flaw to cause a denial of\nservice. (CVE-2011-3353, Moderate)\n\n* A flaw was found in the b43 driver in the Linux kernel. If a system had\nan active wireless interface that uses the b43 driver, an attacker able to\nsend a specially-crafted frame to that interface could cause a denial of\nservice. (CVE-2011-3359, Moderate)\n\n* A flaw was found in the way CIFS shares with DFS referrals at their root\nwere handled. An attacker on the local network who is able to deploy a\nmalicious CIFS server could create a CIFS network share that, when mounted,\nwould cause the client system to crash. (CVE-2011-3363, Moderate)\n\n* A flaw was found in the way the Linux kernel handled VLAN 0 frames with\nthe priority tag set. When using certain network drivers, an attacker on\nthe local network could use this flaw to cause a denial of service. \n(CVE-2011-3593, Moderate)\n\n* A flaw in the way memory containing security-related data was handled in\ntpm_read() could allow a local, unprivileged user to read the results of a\npreviously run TPM command. (CVE-2011-1162, Low)\n\n* A heap overflow flaw was found in the Linux kernel\u0027s EFI GUID Partition\nTable (GPT) implementation. A local attacker could use this flaw to cause\na denial of service by mounting a disk that contains specially-crafted\npartition tables. (CVE-2011-1577, Low)\n\n* The I/O statistics from the taskstats subsystem could be read without\nany restrictions. A local, unprivileged user could use this flaw to gather\nconfidential information, such as the length of a password used in a\nprocess. (CVE-2011-2494, Low)\n\n* It was found that the perf tool, a part of the Linux kernel\u0027s Performance\nEvents implementation, could load its configuration file from the current\nworking directory. If a local user with access to the perf tool were\ntricked into running perf in a directory that contains a specially-crafted\nconfiguration file, it could cause perf to overwrite arbitrary files and\ndirectories accessible to that user. (CVE-2011-2905, Low)\n\nRed Hat would like to thank Fernando Gont for reporting CVE-2011-2699;\nDarren Lavender for reporting CVE-2011-3191; Dan Kaminsky for reporting\nCVE-2011-3188; Yogesh Sharma for reporting CVE-2011-3363; Gideon Naim for\nreporting CVE-2011-3593; Peter Huewe for reporting CVE-2011-1162; Timo\nWarns for reporting CVE-2011-1577; and Vasiliy Kulikov of Openwall for\nreporting CVE-2011-2494. \n\nThis update also fixes various bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section. \n\n4. Solution:\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues, and fix the bugs noted in\nthe Technical Notes. The system must be rebooted for this update to\ntake effect. \n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system. \n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n695976 - CVE-2011-1577 kernel: corrupted GUID partition tables can cause kernel oops\n716842 - CVE-2011-2494 kernel: taskstats io infoleak\n723429 - CVE-2011-2699 kernel: ipv6: make fragment identifications less predictable\n729808 - CVE-2011-2905 kernel: perf tools: may parse user-controlled configuration file\n732629 - CVE-2011-1162 kernel: tpm: infoleak\n732658 - CVE-2011-3188 kernel: net: improve sequence number generation\n732869 - CVE-2011-3191 kernel: cifs: signedness issue in CIFSFindNext()\n736761 - CVE-2011-3353 kernel: fuse: check size of FUSE_NOTIFY_INVAL_ENTRY message\n738202 - CVE-2011-3359 kernel: b43: allocate receive buffers big enough for max frame len + offset\n738291 - CVE-2011-3363 kernel: cifs: always do is_path_accessible check in cifs_mount\n740352 - make guest mode entry to be rcu quiescent state [rhel-6.1.z]\n741166 - enclosure fix [rhel-6.1.z]\n742846 - CVE-2011-3593 kernel: vlan: fix panic when handling priority tagged frames\n743807 - igb: failed to activate WOL on 2nd LAN port on i350 [rhel-6.1.z]\n744811 - Non-responsive scsi target leads to excessive scsi recovery and dm-mp failover time [rhel-6.1.z]\n748808 - Host got crash when guest running netperf client with UDP_STREAM protocol with IPV6 [rhel-6.1.z]\n755584 - CVE-2011-4326 kernel: wrong headroom check in udp6_ufo_fragment()\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/kernel-2.6.32-131.21.1.el6.src.rpm\n\ni386:\nkernel-2.6.32-131.21.1.el6.i686.rpm\nkernel-debug-2.6.32-131.21.1.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-131.21.1.el6.i686.rpm\nkernel-debug-devel-2.6.32-131.21.1.el6.i686.rpm\nkernel-debuginfo-2.6.32-131.21.1.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-131.21.1.el6.i686.rpm\nkernel-devel-2.6.32-131.21.1.el6.i686.rpm\nkernel-headers-2.6.32-131.21.1.el6.i686.rpm\nperf-2.6.32-131.21.1.el6.i686.rpm\nperf-debuginfo-2.6.32-131.21.1.el6.i686.rpm\n\nnoarch:\nkernel-doc-2.6.32-131.21.1.el6.noarch.rpm\nkernel-firmware-2.6.32-131.21.1.el6.noarch.rpm\n\nx86_64:\nkernel-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-debug-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-debug-debuginfo-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-debug-devel-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-devel-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-headers-2.6.32-131.21.1.el6.x86_64.rpm\nperf-2.6.32-131.21.1.el6.x86_64.rpm\nperf-debuginfo-2.6.32-131.21.1.el6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/kernel-2.6.32-131.21.1.el6.src.rpm\n\nnoarch:\nkernel-doc-2.6.32-131.21.1.el6.noarch.rpm\nkernel-firmware-2.6.32-131.21.1.el6.noarch.rpm\n\nx86_64:\nkernel-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-debug-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-debug-debuginfo-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-debug-devel-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-devel-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-headers-2.6.32-131.21.1.el6.x86_64.rpm\nperf-2.6.32-131.21.1.el6.x86_64.rpm\nperf-debuginfo-2.6.32-131.21.1.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/kernel-2.6.32-131.21.1.el6.src.rpm\n\ni386:\nkernel-2.6.32-131.21.1.el6.i686.rpm\nkernel-debug-2.6.32-131.21.1.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-131.21.1.el6.i686.rpm\nkernel-debug-devel-2.6.32-131.21.1.el6.i686.rpm\nkernel-debuginfo-2.6.32-131.21.1.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-131.21.1.el6.i686.rpm\nkernel-devel-2.6.32-131.21.1.el6.i686.rpm\nkernel-headers-2.6.32-131.21.1.el6.i686.rpm\nperf-2.6.32-131.21.1.el6.i686.rpm\nperf-debuginfo-2.6.32-131.21.1.el6.i686.rpm\n\nnoarch:\nkernel-doc-2.6.32-131.21.1.el6.noarch.rpm\nkernel-firmware-2.6.32-131.21.1.el6.noarch.rpm\n\nppc64:\nkernel-2.6.32-131.21.1.el6.ppc64.rpm\nkernel-bootwrapper-2.6.32-131.21.1.el6.ppc64.rpm\nkernel-debug-2.6.32-131.21.1.el6.ppc64.rpm\nkernel-debug-debuginfo-2.6.32-131.21.1.el6.ppc64.rpm\nkernel-debug-devel-2.6.32-131.21.1.el6.ppc64.rpm\nkernel-debuginfo-2.6.32-131.21.1.el6.ppc64.rpm\nkernel-debuginfo-common-ppc64-2.6.32-131.21.1.el6.ppc64.rpm\nkernel-devel-2.6.32-131.21.1.el6.ppc64.rpm\nkernel-headers-2.6.32-131.21.1.el6.ppc64.rpm\nperf-2.6.32-131.21.1.el6.ppc64.rpm\nperf-debuginfo-2.6.32-131.21.1.el6.ppc64.rpm\n\ns390x:\nkernel-2.6.32-131.21.1.el6.s390x.rpm\nkernel-debug-2.6.32-131.21.1.el6.s390x.rpm\nkernel-debug-debuginfo-2.6.32-131.21.1.el6.s390x.rpm\nkernel-debug-devel-2.6.32-131.21.1.el6.s390x.rpm\nkernel-debuginfo-2.6.32-131.21.1.el6.s390x.rpm\nkernel-debuginfo-common-s390x-2.6.32-131.21.1.el6.s390x.rpm\nkernel-devel-2.6.32-131.21.1.el6.s390x.rpm\nkernel-headers-2.6.32-131.21.1.el6.s390x.rpm\nkernel-kdump-2.6.32-131.21.1.el6.s390x.rpm\nkernel-kdump-debuginfo-2.6.32-131.21.1.el6.s390x.rpm\nkernel-kdump-devel-2.6.32-131.21.1.el6.s390x.rpm\nperf-2.6.32-131.21.1.el6.s390x.rpm\nperf-debuginfo-2.6.32-131.21.1.el6.s390x.rpm\n\nx86_64:\nkernel-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-debug-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-debug-debuginfo-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-debug-devel-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-devel-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-headers-2.6.32-131.21.1.el6.x86_64.rpm\nperf-2.6.32-131.21.1.el6.x86_64.rpm\nperf-debuginfo-2.6.32-131.21.1.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/kernel-2.6.32-131.21.1.el6.src.rpm\n\ni386:\nkernel-2.6.32-131.21.1.el6.i686.rpm\nkernel-debug-2.6.32-131.21.1.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-131.21.1.el6.i686.rpm\nkernel-debug-devel-2.6.32-131.21.1.el6.i686.rpm\nkernel-debuginfo-2.6.32-131.21.1.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-131.21.1.el6.i686.rpm\nkernel-devel-2.6.32-131.21.1.el6.i686.rpm\nkernel-headers-2.6.32-131.21.1.el6.i686.rpm\nperf-2.6.32-131.21.1.el6.i686.rpm\nperf-debuginfo-2.6.32-131.21.1.el6.i686.rpm\n\nnoarch:\nkernel-doc-2.6.32-131.21.1.el6.noarch.rpm\nkernel-firmware-2.6.32-131.21.1.el6.noarch.rpm\n\nx86_64:\nkernel-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-debug-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-debug-debuginfo-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-debug-devel-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-devel-2.6.32-131.21.1.el6.x86_64.rpm\nkernel-headers-2.6.32-131.21.1.el6.x86_64.rpm\nperf-2.6.32-131.21.1.el6.x86_64.rpm\nperf-debuginfo-2.6.32-131.21.1.el6.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-1162.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-1577.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2494.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2699.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2905.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-3188.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-3191.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-3353.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-3359.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-3363.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-3593.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-4326.html\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/6.1_Technical_Notes/kernel.html#RHSA-2011-1465\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e.  More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2011 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFOy9KxXlSAg2UNWIIRApHRAKCrfJt7aIrWnGPf3TwUZKtul/8YUgCgtpZE\nl5BuL6rArAsWl76KlBJjWFw=\n=0G9b\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\n\nThe text of the original advisory is reproduced for reference:\n\nSeveral vulnerabilities have been discovered in the Linux kernel that may lead\nto a denial of service or privilege escalation. The Common Vulnerabilities and\nExposures project identifies the following problems:\n\nCVE-2011-1020 \n\n    Kees Cook discovered an issue in the /proc filesystem that allows local\n    users to gain access to sensitive process information after execution of a\n    setuid binary. \n\nCVE-2011-1576 \n\n    Ryan Sweat discovered an issue in the VLAN implementation. \n\nCVE-2011-2484 \n\n    Vasiliy Kulikov of Openwall discovered that the number of exit handlers that\n    a process can register is not capped, resulting in local denial of service\n    through resource exhaustion (cpu time and memory). \n\nCVE-2011-2491\n\n    Vasily Averin discovered an issue with the NFS locking implementation.  A\n    malicious NFS server can cause a client to hang indefinitely in an unlock\n    call. \n\nCVE-2011-2492 \n\n    Marek Kroemeke and Filip Palian discovered that uninitialized struct\n    elements in the Bluetooth subsystem could lead to a leak of sensitive kernel\n    memory through leaked stack memory. \n\nCVE-2011-2497\n\n    Dan Rosenberg discovered an integer underflow in the Bluetooth subsystem,\n    which could lead to denial of service or privilege escalation. \n\nCVE-2011-2517 \n\n    It was discovered that the netlink-based wireless configuration interface\n    performed insufficient length validation when parsing SSIDs, resulting in\n    buffer overflows. \n\nCVE-2011-2525 \n\n    Ben Pfaff reported an issue in the network scheduling code. \n\nCVE-2011-2700 \n\n    Mauro Carvalho Chehab of Red Hat reported a buffer overflow issue in the\n    driver for the Si4713 FM Radio Transmitter driver used by N900 devices. \n\nCVE-2011-2909 \n\n    Vasiliy Kulikov of Openwall discovered that a programming error in\n    the Comedi driver could lead to the information disclosure through \n    leaked stack memory. \n\nCVE-2011-2918 \n\n    Vince Weaver discovered that incorrect handling of software event overflows\n    in the \u0027perf\u0027 analysis tool could lead to local denial of service. \n\nCVE-2011-2928\n\n    Timo Warns discovered that insufficient validation of Be filesystem images\n    could lead to local denial of service if a malformed filesystem image is\n    mounted. \n\nCVE-2011-3188 \n\n    Dan Kaminsky reported a weakness of the sequence number generation in the\n    TCP protocol implementation. This can be used by remote attackers to inject\n    packets into an active session. \n\nThis update also includes a fix for a regression introduced with the previous\nsecurity fix for CVE-2011-1768 (Debian: #633738)\n\nFor the stable distribution (squeeze), this problem has been fixed in version\n2.6.32-35squeeze2. Updates for issues impacting the oldstable distribution\n(lenny) will be available soon. \n\nThe following matrix lists additional source packages that were rebuilt for\ncompatibility with or to take advantage of this update:\n\n                                             Debian 6.0 (squeeze)\n     user-mode-linux                         2.6.32-1um-4+35squeeze2\n\nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. Relevant releases/architectures:\n\nMRG Realtime for RHEL 6 Server v.2 - noarch, x86_64\n\n3. \n\nThis update also fixes the following bugs:\n\n* Previously, a mismatch in the build-id of the kernel-rt and the one in\nthe related debuginfo package caused failures in SystemTap and perf. \n(BZ#768413)\n\n* IBM x3650m3 systems were not able to boot the MRG Realtime kernel because\nthey require a pmcraid driver that was not available. \n\nSoftware Description:\n- linux-mvl-dove: Linux kernel for DOVE\n\nDetails:\n\nRyan Sweat discovered that the kernel incorrectly handled certain VLAN\npackets. (CVE-2011-1833)\n\nVasiliy Kulikov discovered that taskstats did not enforce access\nrestrictions. A local attacker could exploit this to read certain\ninformation, leading to a loss of privacy. (CVE-2011-2494)\n\nVasiliy Kulikov discovered that /proc/PID/io did not enforce access\nrestrictions. A local attacker could exploit this to read certain\ninformation, leading to a loss of privacy. (CVE-2011-2497)\n\nIt was discovered that the EXT4 filesystem contained multiple off-by-one\nflaws. (CVE-2011-2695)\n\nFernando Gont discovered that the IPv6 stack used predictable fragment\nidentification numbers. \n(CVE-2011-2905)\n\nTime Warns discovered that long symlinks were incorrectly handled on Be\nfilesystems. A remote attacker with a malicious server could exploit this\nto crash the system or possibly execute arbitrary code as the root user. \n(CVE-2011-3191)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 10.10:\n  linux-image-2.6.32-419-dove     2.6.32-419.37\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. Unless you\nmanually uninstalled the standard kernel metapackages (e.g. linux-generic,\nlinux-server, linux-powerpc), a standard system upgrade will automatically\nperform this as well",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-3188"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002543"
          },
          {
            "db": "VULHUB",
            "id": "VHN-51133"
          },
          {
            "db": "VULMON",
            "id": "CVE-2011-3188"
          },
          {
            "db": "PACKETSTORM",
            "id": "105308"
          },
          {
            "db": "PACKETSTORM",
            "id": "105713"
          },
          {
            "db": "PACKETSTORM",
            "id": "105455"
          },
          {
            "db": "PACKETSTORM",
            "id": "106032"
          },
          {
            "db": "PACKETSTORM",
            "id": "107225"
          },
          {
            "db": "PACKETSTORM",
            "id": "104991"
          },
          {
            "db": "PACKETSTORM",
            "id": "108557"
          },
          {
            "db": "PACKETSTORM",
            "id": "106206"
          }
        ],
        "trust": 2.52
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-51133",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-51133"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2011-3188",
            "trust": 3.4
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2011/08/23/2",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002543",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-429",
            "trust": 0.7
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2019.4751",
            "trust": 0.6
          },
          {
            "db": "BID",
            "id": "49289",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "106496",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-51133",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2011-3188",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "105308",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "105713",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "105455",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "106032",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "107225",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "104991",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "108557",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "106206",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-51133"
          },
          {
            "db": "VULMON",
            "id": "CVE-2011-3188"
          },
          {
            "db": "PACKETSTORM",
            "id": "105308"
          },
          {
            "db": "PACKETSTORM",
            "id": "105713"
          },
          {
            "db": "PACKETSTORM",
            "id": "105455"
          },
          {
            "db": "PACKETSTORM",
            "id": "106032"
          },
          {
            "db": "PACKETSTORM",
            "id": "107225"
          },
          {
            "db": "PACKETSTORM",
            "id": "104991"
          },
          {
            "db": "PACKETSTORM",
            "id": "108557"
          },
          {
            "db": "PACKETSTORM",
            "id": "106206"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-429"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002543"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-3188"
          }
        ]
      },
      "id": "VAR-201205-0016",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-51133"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T23:30:28.954000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "ChangeLog-3.1",
            "trust": 0.8,
            "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1"
          },
          {
            "title": "crypto: Move md5_transform to lib/md5.c",
            "trust": 0.8,
            "url": "https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f"
          },
          {
            "title": "net: Compute protocol sequence numbers and fragment IDs using MD5.",
            "trust": 0.8,
            "url": "https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
          },
          {
            "title": "linux/kernel/git/torvalds/linux-2.6.git / commit (crypto: Move md5_transform to lib/md5.c)",
            "trust": 0.8,
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=bc0b96b54a21246e377122d54569eef71cec535f"
          },
          {
            "title": "linux/kernel/git/torvalds/linux-2.6.git / commit (net: Compute protocol sequence numbers and fragment IDs using MD5)",
            "trust": 0.8,
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
          },
          {
            "title": "Linux Kernel Archives",
            "trust": 0.8,
            "url": "http://www.kernel.org"
          },
          {
            "title": "Bug 732658",
            "trust": 0.8,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732658"
          },
          {
            "title": "VMSA-2012-0013",
            "trust": 0.8,
            "url": "http://www.vmware.com/jp/support/support-resources/advisories/VMSA-2012-0013.html"
          },
          {
            "title": "linux-3.3.7",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=43221"
          },
          {
            "title": "Red Hat: Important: kernel security and bug fix update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20111465 - Security Advisory"
          },
          {
            "title": "Red Hat: Important: kernel-rt security and bug fix update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20120010 - Security Advisory"
          },
          {
            "title": "Ubuntu Security Notice: linux vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1236-1"
          },
          {
            "title": "Ubuntu Security Notice: linux vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1246-1"
          },
          {
            "title": "Amazon Linux AMI: ALAS-2011-016",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2011-016"
          },
          {
            "title": "Ubuntu Security Notice: linux-lts-backport-maverick vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1242-1"
          },
          {
            "title": "Ubuntu Security Notice: linux vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1243-1"
          },
          {
            "title": "Ubuntu Security Notice: linux-ti-omap4 vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1228-1"
          },
          {
            "title": "Ubuntu Security Notice: linux-ti-omap4 vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1220-1"
          },
          {
            "title": "Ubuntu Security Notice: linux-mvl-dove vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1245-1"
          },
          {
            "title": "Ubuntu Security Notice: linux-ec2 vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1239-1"
          },
          {
            "title": "Ubuntu Security Notice: linux vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1253-1"
          },
          {
            "title": "Ubuntu Security Notice: linux-mvl-dove vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1240-1"
          },
          {
            "title": "Ubuntu Security Notice: linux-fsl-imx51 vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1241-1"
          },
          {
            "title": "Debian Security Advisories: DSA-2310-1 linux-2.6 -- privilege escalation/denial of service/information leak",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=32718749d125111cbdd89954674b3eef"
          },
          {
            "title": "Amazon Linux AMI: ALAS-2011-026",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2011-026"
          },
          {
            "title": "Debian Security Advisories: DSA-2303-2 linux-2.6 -- privilege escalation/denial of service/information leak",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=2a2d240162691a031ffdb625c608418b"
          },
          {
            "title": "VMware Security Advisories: VMware vSphere and vCOps updates to third party libraries",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=ebfa7ecfec1f973ff975279d7fce2976"
          },
          {
            "title": "Ubuntu Security Notice: linux-lts-backport-natty vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-1256-1"
          },
          {
            "title": "function_level_granularity",
            "trust": 0.1,
            "url": "https://github.com/znd15/function_level_granularity "
          },
          {
            "title": "kernel_cve",
            "trust": 0.1,
            "url": "https://github.com/Parkhomets/kernel_cve "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2011-3188"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-429"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002543"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-DesignError",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002543"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-3188"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 1.8,
            "url": "http://www.openwall.com/lists/oss-security/2011/08/23/2"
          },
          {
            "trust": 1.8,
            "url": "http://www.kernel.org/pub/linux/kernel/v3.x/changelog-3.1"
          },
          {
            "trust": 1.8,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732658"
          },
          {
            "trust": 1.8,
            "url": "https://github.com/torvalds/linux/commit/6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
          },
          {
            "trust": 1.8,
            "url": "https://github.com/torvalds/linux/commit/bc0b96b54a21246e377122d54569eef71cec535f"
          },
          {
            "trust": 1.7,
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3ba=commit%3bh=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
          },
          {
            "trust": 1.7,
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3ba=commit%3bh=bc0b96b54a21246e377122d54569eef71cec535f"
          },
          {
            "trust": 1.7,
            "url": "http://marc.info/?l=bugtraq\u0026m=139447903326211\u0026w=2"
          },
          {
            "trust": 1.6,
            "url": "https://support.f5.com/csp/article/k15301?utm_source=f5support\u0026amp%3butm_medium=rss"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3188"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3191"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3188"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3188"
          },
          {
            "trust": 0.7,
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6e5714eaf77d79ae1c8b47e3e040ff5411b717ec"
          },
          {
            "trust": 0.7,
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=bc0b96b54a21246e377122d54569eef71cec535f"
          },
          {
            "trust": 0.7,
            "url": "https://support.f5.com/csp/article/k15301?utm_source=f5support\u0026utm_medium=rss"
          },
          {
            "trust": 0.6,
            "url": "https://support.f5.com/csp/article/k15301"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2019.4751/"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2497"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2928"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2723"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2496"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2495"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2484"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2213"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2695"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2700"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1576"
          },
          {
            "trust": 0.3,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3188.html"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/kb/docs/doc-11259"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/updates/classification/#important"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.3,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2699"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/team/key/#package"
          },
          {
            "trust": 0.3,
            "url": "http://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.3,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3191.html"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2494"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2905"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1020"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2492"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-4067"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2525"
          },
          {
            "trust": 0.2,
            "url": "http://www.debian.org/security/faq"
          },
          {
            "trust": 0.2,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2491"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1776"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2723.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2699.html"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1833"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3359"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3353"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1162"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-1162.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2494.html"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3363"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-4326.html"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-4326"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3359.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3363.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3353.html"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=139447903326211\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "https://support.f5.com/csp/article/k15301?utm_source=f5support\u0026amp;amp%3butm_medium=rss"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.rapid7.com/db/vulnerabilities/vmsa-2012-0013-cve-2011-3188"
          },
          {
            "trust": 0.1,
            "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=24018"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/1236-1/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0712"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2211"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2209"
          },
          {
            "trust": 0.1,
            "url": "http://www.ubuntu.com/usn/usn-1228-1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-ti-omap4/2.6.38-1209.16"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-ti-omap4/2.6.35-903.25"
          },
          {
            "trust": 0.1,
            "url": "http://www.ubuntu.com/usn/usn-1220-1"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2496.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3131.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-1585.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2942.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1585"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-1160.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3209"
          },
          {
            "trust": 0.1,
            "url": "https://rhn.redhat.com/errata/rhsa-2011-1065.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-1833.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2942"
          },
          {
            "trust": 0.1,
            "url": "https://rhn.redhat.com/errata/rhsa-2011-1386.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2484.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3347"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3347.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3131"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1160"
          },
          {
            "trust": 0.1,
            "url": "https://rhn.redhat.com/errata/rhsa-2011-1241.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3209.html"
          },
          {
            "trust": 0.1,
            "url": "https://docs.redhat.com/docs/en-us/red_hat_enterprise_linux/5/html/5.7_technical_notes/kernel.html#rhsa-2011-1386"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2695.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2009-4067.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2905.html"
          },
          {
            "trust": 0.1,
            "url": "https://docs.redhat.com/docs/en-us/red_hat_enterprise_linux/6/html/6.1_technical_notes/kernel.html#rhsa-2011-1465"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3593"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1577"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-1577.html"
          },
          {
            "trust": 0.1,
            "url": "https://rhn.redhat.com/errata/rhsa-2011-1465.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3593.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2517"
          },
          {
            "trust": 0.1,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2909"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2918"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-4081"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3637"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-3637.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-4110.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-4110"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-4132.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-4081.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2898"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2898.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-4132"
          },
          {
            "trust": 0.1,
            "url": "https://rhn.redhat.com/errata/rhsa-2012-0010.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.ubuntu.com/usn/usn-1245-1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/linux-mvl-dove/2.6.32-419.37"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-51133"
          },
          {
            "db": "VULMON",
            "id": "CVE-2011-3188"
          },
          {
            "db": "PACKETSTORM",
            "id": "105308"
          },
          {
            "db": "PACKETSTORM",
            "id": "105713"
          },
          {
            "db": "PACKETSTORM",
            "id": "105455"
          },
          {
            "db": "PACKETSTORM",
            "id": "106032"
          },
          {
            "db": "PACKETSTORM",
            "id": "107225"
          },
          {
            "db": "PACKETSTORM",
            "id": "104991"
          },
          {
            "db": "PACKETSTORM",
            "id": "108557"
          },
          {
            "db": "PACKETSTORM",
            "id": "106206"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-429"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002543"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-3188"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-51133",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2011-3188",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "105308",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "105713",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "105455",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "106032",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "107225",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "104991",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "108557",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "106206",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-429",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002543",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2011-3188",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2012-05-24T00:00:00",
            "db": "VULHUB",
            "id": "VHN-51133",
            "ident": null
          },
          {
            "date": "2012-05-24T00:00:00",
            "db": "VULMON",
            "id": "CVE-2011-3188",
            "ident": null
          },
          {
            "date": "2011-09-23T20:11:00",
            "db": "PACKETSTORM",
            "id": "105308",
            "ident": null
          },
          {
            "date": "2011-10-12T14:47:51",
            "db": "PACKETSTORM",
            "id": "105713",
            "ident": null
          },
          {
            "date": "2011-09-29T23:48:37",
            "db": "PACKETSTORM",
            "id": "105455",
            "ident": null
          },
          {
            "date": "2011-10-20T22:58:37",
            "db": "PACKETSTORM",
            "id": "106032",
            "ident": null
          },
          {
            "date": "2011-11-23T00:35:07",
            "db": "PACKETSTORM",
            "id": "107225",
            "ident": null
          },
          {
            "date": "2011-09-11T17:35:34",
            "db": "PACKETSTORM",
            "id": "104991",
            "ident": null
          },
          {
            "date": "2012-01-11T07:29:41",
            "db": "PACKETSTORM",
            "id": "108557",
            "ident": null
          },
          {
            "date": "2011-10-25T19:55:57",
            "db": "PACKETSTORM",
            "id": "106206",
            "ident": null
          },
          {
            "date": "1900-01-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201108-429",
            "ident": null
          },
          {
            "date": "2012-05-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-002543",
            "ident": null
          },
          {
            "date": "2012-05-24T23:55:02.213000",
            "db": "NVD",
            "id": "CVE-2011-3188",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2023-02-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-51133",
            "ident": null
          },
          {
            "date": "2020-07-29T00:00:00",
            "db": "VULMON",
            "id": "CVE-2011-3188",
            "ident": null
          },
          {
            "date": "2023-02-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201108-429",
            "ident": null
          },
          {
            "date": "2012-12-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-002543",
            "ident": null
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2011-3188",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "107225"
          },
          {
            "db": "PACKETSTORM",
            "id": "108557"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-429"
          }
        ],
        "trust": 0.8
      },
      "title": {
        "_id": null,
        "data": "Linux Kernel of  IPv4 When  IPv6 Service disruption in implementations  ( Network failure ) Vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002543"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-429"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201302-0147

    Vulnerability from variot - Updated: 2026-04-10 23:28

    Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2013-0645 , CVE-2013-1365 , CVE-2013-1366 , CVE-2013-1367 , CVE-2013-1368 , CVE-2013-1369 , CVE-2013-1370 , CVE-2013-1372 ,and CVE-2013-1373 Is a different vulnerability.An attacker could execute arbitrary code. Note: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2013:0254-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html Issue date: 2013-02-13 CVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 CVE-2013-1373 CVE-2013-1374 =====================================================================

    1. Summary:

    An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.

    The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

    1. Description:

    The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB13-05, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. (CVE-2013-0638, CVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647, CVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)

    A flaw in flash-plugin could allow an attacker to obtain sensitive information if a victim were tricked into visiting a specially-crafted web page.

    1. Solution:

    Before applying this update, make sure all previously-released errata relevant to your system have been applied.

    This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258

    1. Bugs fixed (http://bugzilla.redhat.com/):

    910570 - flash-plugin: multiple code execution flaws (APSB13-05) 910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)

    1. Package List:

    Red Hat Enterprise Linux Desktop Supplementary (v. 5):

    i386: flash-plugin-11.2.202.270-1.el5.i386.rpm

    x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm

    Red Hat Enterprise Linux Server Supplementary (v. 5):

    i386: flash-plugin-11.2.202.270-1.el5.i386.rpm

    x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm

    Red Hat Enterprise Linux Desktop Supplementary (v. 6):

    i386: flash-plugin-11.2.202.270-1.el6.i686.rpm

    x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm

    Red Hat Enterprise Linux Server Supplementary (v. 6):

    i386: flash-plugin-11.2.202.270-1.el6.i686.rpm

    x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm

    Red Hat Enterprise Linux Workstation Supplementary (v. 6):

    i386: flash-plugin-11.2.202.270-1.el6.i686.rpm

    x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

    1. References:

    https://www.redhat.com/security/data/cve/CVE-2013-0637.html https://www.redhat.com/security/data/cve/CVE-2013-0638.html https://www.redhat.com/security/data/cve/CVE-2013-0639.html https://www.redhat.com/security/data/cve/CVE-2013-0642.html https://www.redhat.com/security/data/cve/CVE-2013-0644.html https://www.redhat.com/security/data/cve/CVE-2013-0645.html https://www.redhat.com/security/data/cve/CVE-2013-0647.html https://www.redhat.com/security/data/cve/CVE-2013-0649.html https://www.redhat.com/security/data/cve/CVE-2013-1365.html https://www.redhat.com/security/data/cve/CVE-2013-1366.html https://www.redhat.com/security/data/cve/CVE-2013-1367.html https://www.redhat.com/security/data/cve/CVE-2013-1368.html https://www.redhat.com/security/data/cve/CVE-2013-1369.html https://www.redhat.com/security/data/cve/CVE-2013-1370.html https://www.redhat.com/security/data/cve/CVE-2013-1372.html https://www.redhat.com/security/data/cve/CVE-2013-1373.html https://www.redhat.com/security/data/cve/CVE-2013-1374.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb13-05.html

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)

    iD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs pnyD10c/hdKGIm0b1Kjv3eY= =+cgh -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .

    Background

    The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.

    Impact

    A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Adobe Flash Player users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"

    References

    [ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201309-06.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------

    The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/


    TITLE: Adobe Flash Player / AIR Multiple Vulnerabilities

    SECUNIA ADVISORY ID: SA52166

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52166/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52166

    RELEASE DATE: 2013-02-12

    DISCUSS ADVISORY: http://secunia.com/advisories/52166/#comments

    AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

    http://secunia.com/advisories/52166/

    ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

    https://ca.secunia.com/?page=viewadvisory&vuln_id=52166

    ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

    http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

    DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player and AIR, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.

    1) Some unspecified errors can be exploited to cause buffer overflows.

    2) Some use-after-free errors can be exploited to dereference already freed memory.

    4) An unspecified error can be exploited to corrupt memory.

    5) An unspecified error can be exploited to corrupt memory.

    6) An unspecified error can be exploited to disclose certain sensitive information.

    Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    PROVIDED AND/OR DISCOVERED BY: 1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna, Google 3) The vendor credits Natalie Silvanovich, BlackBerry Security, Research in Motion 4) The vendor credits Damian Put via iDefense 6) Reported by the vendor.

    ORIGINAL ADVISORY: Adobe (APSB13-05): http://www.adobe.com/support/security/bulletins/apsb13-05.html

    OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


    About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.3.183.61"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.6.602.168"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.6"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "3.6.0.599"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.6.602.167"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.1.115.47"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.3.183.63"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.1.111.43"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.2.202.270"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "3.6.0.597"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "google",
            "version": ")"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "android)"
          },
          {
            "_id": null,
            "model": "windows",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "macintosh"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(android 2.x    3.x)"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(android 4.x)"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "android)"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.6.602.167"
          },
          {
            "_id": null,
            "model": "internet explorer",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "10 (adobe flash player 11.6.602.167"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "10.3.183.61"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.x (linux)"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "macintosh"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.6.602.168"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.1.115.47"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(windows"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.x (windows)"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.1.111.43"
          },
          {
            "_id": null,
            "model": "windows server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "2012 (adobe flash player 11.6.602.167"
          },
          {
            "_id": null,
            "model": "internet explorer",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "3.6.0.597"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "3.6.0.59x (air for ios include ) (windows"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.2.202.270"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(air for ios include ) (windows"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "3.6.0.599"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "3.6.0.597"
          },
          {
            "_id": null,
            "model": "windows 8",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "for 64-bit systems (adobe flash player 11.6.602.167"
          },
          {
            "_id": null,
            "model": "windows server",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "10.3.183.63"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(macintosh    linux)"
          },
          {
            "_id": null,
            "model": "windows 8",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "for 32-bit systems (adobe flash player 11.6.602.167"
          },
          {
            "_id": null,
            "model": "windows 8",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "windows",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "rt (adobe flash player 11.6.602.167"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(windows)"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.x (macintosh)"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "google",
            "version": "(windows/linux/macintosh : adobe flash player 11.6.602.167"
          },
          {
            "_id": null,
            "model": "flash player for android",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "11.1.111.5"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "3.1.0.488"
          },
          {
            "_id": null,
            "model": "flash player for android",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "11.1.111.16"
          },
          {
            "_id": null,
            "model": "flash player for android",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "11.1.111.19"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "3.1.0.485"
          },
          {
            "_id": null,
            "model": "flash player for android",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "11.0.1.153"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "3.0.0.4080"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "3.1.0.4880"
          },
          {
            "_id": null,
            "model": "flash player for android",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "11.1.102.59"
          },
          {
            "_id": null,
            "model": "flash player for android",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "11.1.111.31"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "12.1"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11.4"
          },
          {
            "_id": null,
            "model": "hat enterprise linux workstation supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux supplementary server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop supplementary client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "57923"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-168"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001482"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-0642"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:google:chrome",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:adobe_air",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:adobe_air_sdk",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:flash_player",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:microsoft:internet_explorer",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_8",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_server",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001482"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna of the Google Security Team",
        "sources": [
          {
            "db": "BID",
            "id": "57923"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2013-0642",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2013-0642",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-60644",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2013-0642",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2013-0642",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201302-168",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-60644",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-60644"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-168"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001482"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-0642"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2013-0645 , CVE-2013-1365 , CVE-2013-1366 , CVE-2013-1367 , CVE-2013-1368 , CVE-2013-1369 , CVE-2013-1370 , CVE-2013-1372 ,and CVE-2013-1373 Is a different vulnerability.An attacker could execute arbitrary code. \nNote: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Critical: flash-plugin security update\nAdvisory ID:       RHSA-2013:0254-01\nProduct:           Red Hat Enterprise Linux Extras\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2013-0254.html\nIssue date:        2013-02-13\nCVE Names:         CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 \n                   CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 \n                   CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 \n                   CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 \n                   CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 \n                   CVE-2013-1373 CVE-2013-1374 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB13-05,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. (CVE-2013-0638,\nCVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647,\nCVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368,\nCVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)\n\nA flaw in flash-plugin could allow an attacker to obtain sensitive\ninformation if a victim were tricked into visiting a specially-crafted web\npage. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n910570 - flash-plugin: multiple code execution flaws (APSB13-05)\n910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-0637.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0638.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0639.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0642.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0644.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0645.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0647.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0649.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1365.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1366.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1367.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1368.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1369.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1370.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1372.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1373.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1374.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e.  More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs\npnyD10c/hdKGIm0b1Kjv3eY=\n=+cgh\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[   1 ] CVE-2012-5248\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[   2 ] CVE-2012-5248\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[   3 ] CVE-2012-5249\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[   4 ] CVE-2012-5249\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[   5 ] CVE-2012-5250\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[   6 ] CVE-2012-5250\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[   7 ] CVE-2012-5251\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[   8 ] CVE-2012-5251\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[   9 ] CVE-2012-5252\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[  10 ] CVE-2012-5252\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[  11 ] CVE-2012-5253\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[  12 ] CVE-2012-5253\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[  13 ] CVE-2012-5254\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[  14 ] CVE-2012-5254\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[  15 ] CVE-2012-5255\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[  16 ] CVE-2012-5255\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[  17 ] CVE-2012-5256\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[  18 ] CVE-2012-5256\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[  19 ] CVE-2012-5257\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[  20 ] CVE-2012-5257\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[  21 ] CVE-2012-5258\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[  22 ] CVE-2012-5258\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[  23 ] CVE-2012-5259\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[  24 ] CVE-2012-5259\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[  25 ] CVE-2012-5260\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[  26 ] CVE-2012-5260\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[  27 ] CVE-2012-5261\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[  28 ] CVE-2012-5261\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[  29 ] CVE-2012-5262\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[  30 ] CVE-2012-5262\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[  31 ] CVE-2012-5263\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[  32 ] CVE-2012-5263\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[  33 ] CVE-2012-5264\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[  34 ] CVE-2012-5264\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[  35 ] CVE-2012-5265\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[  36 ] CVE-2012-5265\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[  37 ] CVE-2012-5266\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[  38 ] CVE-2012-5266\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[  39 ] CVE-2012-5267\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[  40 ] CVE-2012-5267\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[  41 ] CVE-2012-5268\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[  42 ] CVE-2012-5268\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[  43 ] CVE-2012-5269\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[  44 ] CVE-2012-5269\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[  45 ] CVE-2012-5270\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[  46 ] CVE-2012-5270\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[  47 ] CVE-2012-5271\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[  48 ] CVE-2012-5271\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[  49 ] CVE-2012-5272\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[  50 ] CVE-2012-5272\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[  51 ] CVE-2012-5274\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[  52 ] CVE-2012-5275\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[  53 ] CVE-2012-5276\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[  54 ] CVE-2012-5277\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[  55 ] CVE-2012-5278\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[  56 ] CVE-2012-5279\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[  57 ] CVE-2012-5280\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[  58 ] CVE-2012-5676\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[  59 ] CVE-2012-5677\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[  60 ] CVE-2012-5678\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[  61 ] CVE-2013-0504\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[  62 ] CVE-2013-0630\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[  63 ] CVE-2013-0633\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[  64 ] CVE-2013-0634\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[  65 ] CVE-2013-0637\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[  66 ] CVE-2013-0638\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[  67 ] CVE-2013-0639\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[  68 ] CVE-2013-0642\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[  69 ] CVE-2013-0643\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[  70 ] CVE-2013-0644\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[  71 ] CVE-2013-0645\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[  72 ] CVE-2013-0646\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[  73 ] CVE-2013-0647\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[  74 ] CVE-2013-0648\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[  75 ] CVE-2013-0649\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[  76 ] CVE-2013-0650\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[  77 ] CVE-2013-1365\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[  78 ] CVE-2013-1366\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[  79 ] CVE-2013-1367\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[  80 ] CVE-2013-1368\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[  81 ] CVE-2013-1369\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[  82 ] CVE-2013-1370\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[  83 ] CVE-2013-1371\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[  84 ] CVE-2013-1372\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[  85 ] CVE-2013-1373\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[  86 ] CVE-2013-1374\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[  87 ] CVE-2013-1375\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[  88 ] CVE-2013-1378\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[  89 ] CVE-2013-1379\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[  90 ] CVE-2013-1380\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[  91 ] CVE-2013-2555\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[  92 ] CVE-2013-2728\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[  93 ] CVE-2013-3343\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[  94 ] CVE-2013-3344\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[  95 ] CVE-2013-3345\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[  96 ] CVE-2013-3347\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[  97 ] CVE-2013-3361\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[  98 ] CVE-2013-3362\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[  99 ] CVE-2013-3363\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player / AIR Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA52166\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/52166/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nRELEASE DATE:\n2013-02-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/52166/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/52166/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Flash Player and\nAIR, which can be exploited by malicious people to disclose certain\nsensitive information and compromise a user\u0027s system. \n\n1) Some unspecified errors can be exploited to cause buffer\noverflows. \n\n2) Some use-after-free errors can be exploited to dereference already\nfreed memory. \n\n4) An unspecified error can be exploited to corrupt memory. \n\n5) An unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to disclose certain\nsensitive information. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and\nFermin Serna, Google\n3) The vendor credits Natalie Silvanovich, BlackBerry Security,\nResearch in Motion\n4) The vendor credits Damian Put via iDefense\n6) Reported by the vendor. \n\nORIGINAL ADVISORY:\nAdobe (APSB13-05):\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-0642"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001482"
          },
          {
            "db": "BID",
            "id": "57923"
          },
          {
            "db": "VULHUB",
            "id": "VHN-60644"
          },
          {
            "db": "PACKETSTORM",
            "id": "120268"
          },
          {
            "db": "PACKETSTORM",
            "id": "123225"
          },
          {
            "db": "PACKETSTORM",
            "id": "120239"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2013-0642",
            "trust": 3.0
          },
          {
            "db": "USCERT",
            "id": "TA13-043A",
            "trust": 1.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001482",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-168",
            "trust": 0.7
          },
          {
            "db": "SECUNIA",
            "id": "52166",
            "trust": 0.7
          },
          {
            "db": "SECUNIA",
            "id": "52164",
            "trust": 0.6
          },
          {
            "db": "SECUNIA",
            "id": "52197",
            "trust": 0.6
          },
          {
            "db": "SECUNIA",
            "id": "52203",
            "trust": 0.6
          },
          {
            "db": "SECUNIA",
            "id": "52163",
            "trust": 0.6
          },
          {
            "db": "BID",
            "id": "57923",
            "trust": 0.4
          },
          {
            "db": "VULHUB",
            "id": "VHN-60644",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "120268",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "123225",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "120239",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-60644"
          },
          {
            "db": "BID",
            "id": "57923"
          },
          {
            "db": "PACKETSTORM",
            "id": "120268"
          },
          {
            "db": "PACKETSTORM",
            "id": "123225"
          },
          {
            "db": "PACKETSTORM",
            "id": "120239"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-168"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001482"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-0642"
          }
        ]
      },
      "id": "VAR-201302-0147",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-60644"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T23:28:24.344000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "APSB13-05",
            "trust": 0.8,
            "url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
          },
          {
            "title": "APSB13-05 (cq02121817)",
            "trust": 0.8,
            "url": "http://helpx.adobe.com/jp/flash-player/kb/cq02121817.html"
          },
          {
            "title": "Google Chrome",
            "trust": 0.8,
            "url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
          },
          {
            "title": "Stable Channel Update",
            "trust": 0.8,
            "url": "http://googlechromereleases.blogspot.jp/2013/02/stable-channel-update_12.html"
          },
          {
            "title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
            "trust": 0.8,
            "url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
          },
          {
            "title": "openSUSE-SU-2013:0295",
            "trust": 0.8,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
          },
          {
            "title": "SUSE-SU-2013:0296",
            "trust": 0.8,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
          },
          {
            "title": "openSUSE-SU-2013:0298",
            "trust": 0.8,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
          },
          {
            "title": "RHSA-2013:0254",
            "trust": 0.8,
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0254.html"
          },
          {
            "title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
            "trust": 0.8,
            "url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
          },
          {
            "title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
            "trust": 0.8,
            "url": "http://www.fmworld.net/biz/common/adobe/20130214f.html"
          },
          {
            "title": "install_flash_player_11_linux.i386",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=45304"
          },
          {
            "title": "install_flash_player_osx",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=45303"
          },
          {
            "title": "install_flashplayer11x32_mssd_aih",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=45302"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-168"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001482"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-60644"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001482"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-0642"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 1.9,
            "url": "http://www.us-cert.gov/cas/techalerts/ta13-043a.html"
          },
          {
            "trust": 1.9,
            "url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
          },
          {
            "trust": 1.2,
            "url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0642"
          },
          {
            "trust": 0.8,
            "url": "http://www.ipa.go.jp/security/ciadr/vul/20130213-adobeflashplayer.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.jpcert.or.jp/at/2013/at130010.txt"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta13-043a"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0642"
          },
          {
            "trust": 0.8,
            "url": "http://www.npa.go.jp/cyberpolice/topics/?seq=10777"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/52163"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/52164"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/52166"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/52197"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/52203"
          },
          {
            "trust": 0.3,
            "url": "http://www.adobe.com/products/air/"
          },
          {
            "trust": 0.3,
            "url": "http://www.adobe.com/products/flash/"
          },
          {
            "trust": 0.3,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0647.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0649.html"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#critical"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0644.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1373.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1366"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0647"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1374.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0638"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1370"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1373"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1367"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1368"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1372"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1368.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0645.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0639"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0642.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1365.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1372.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1374"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/knowledge/articles/11258"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0645"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1366.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1365"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1369.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0637.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0638.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0637"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0649"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0644"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/key/#package"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1367.html"
          },
          {
            "trust": 0.1,
            "url": "http://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1370.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0639.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0642"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1369"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/52166/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_intelligence/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/52166/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/blog/325/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-60644"
          },
          {
            "db": "BID",
            "id": "57923"
          },
          {
            "db": "PACKETSTORM",
            "id": "120268"
          },
          {
            "db": "PACKETSTORM",
            "id": "123225"
          },
          {
            "db": "PACKETSTORM",
            "id": "120239"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-168"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001482"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-0642"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-60644",
            "ident": null
          },
          {
            "db": "BID",
            "id": "57923",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "120268",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "123225",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "120239",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-168",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001482",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2013-0642",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2013-02-12T00:00:00",
            "db": "VULHUB",
            "id": "VHN-60644",
            "ident": null
          },
          {
            "date": "2013-02-12T00:00:00",
            "db": "BID",
            "id": "57923",
            "ident": null
          },
          {
            "date": "2013-02-13T19:12:55",
            "db": "PACKETSTORM",
            "id": "120268",
            "ident": null
          },
          {
            "date": "2013-09-14T15:19:13",
            "db": "PACKETSTORM",
            "id": "123225",
            "ident": null
          },
          {
            "date": "2013-02-12T06:40:24",
            "db": "PACKETSTORM",
            "id": "120239",
            "ident": null
          },
          {
            "date": "2013-02-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201302-168",
            "ident": null
          },
          {
            "date": "2013-02-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-001482",
            "ident": null
          },
          {
            "date": "2013-02-12T20:55:04.403000",
            "db": "NVD",
            "id": "CVE-2013-0642",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2018-12-06T00:00:00",
            "db": "VULHUB",
            "id": "VHN-60644",
            "ident": null
          },
          {
            "date": "2013-09-17T00:15:00",
            "db": "BID",
            "id": "57923",
            "ident": null
          },
          {
            "date": "2013-02-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201302-168",
            "ident": null
          },
          {
            "date": "2013-03-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-001482",
            "ident": null
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2013-0642",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-168"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Adobe Flash Player Vulnerable to buffer overflow",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001482"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-168"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201504-0147

    Vulnerability from variot - Updated: 2026-04-10 23:26

    cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015. cURL/libcURL is prone to a remote security-bypass vulnerability. An attacker can leverage this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. cURL/libcURL 7.10.6 through versions 7.41.0 are vulnerable. Both Haxx curl and libcurl are products of the Swedish company Haxx. curl is a set of file transfer tools that use URL syntax to work on the command line. libcurl is a free, open source client-side URL transfer library. ============================================================================ Ubuntu Security Notice USN-2591-1 April 30, 2015

    curl vulnerabilities

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 15.04
    • Ubuntu 14.10
    • Ubuntu 14.04 LTS
    • Ubuntu 12.04 LTS

    Summary:

    Several security issues were fixed in curl.

    Software Description: - curl: HTTP, HTTPS, and FTP client and client libraries

    Details:

    Paras Sethia discovered that curl could incorrectly re-use NTLM HTTP credentials when subsequently connecting to the same host over HTTP. (CVE-2015-3143)

    Hanno B=C3=B6ck discovered that curl incorrectly handled zero-length host names. If a user or automated system were tricked into using a specially crafted host name, an attacker could possibly use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.10 and Ubuntu 15.04. If a user or automated system were tricked into parsing a specially crafted cookie, an attacker could possibly use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-3145)

    Isaac Boukris discovered that when using Negotiate authenticated connections, curl could incorrectly authenticate the entire connection and not just specific HTTP requests. (CVE-2015-3148)

    Yehezkel Horowitz and Oren Souroujon discovered that curl sent HTTP headers both to servers and proxies by default, contrary to expectations. This issue only affected Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-3153)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 15.04: libcurl3 7.38.0-3ubuntu2.2 libcurl3-gnutls 7.38.0-3ubuntu2.2 libcurl3-nss 7.38.0-3ubuntu2.2

    Ubuntu 14.10: libcurl3 7.37.1-1ubuntu3.4 libcurl3-gnutls 7.37.1-1ubuntu3.4 libcurl3-nss 7.37.1-1ubuntu3.4

    Ubuntu 14.04 LTS: libcurl3 7.35.0-1ubuntu2.5 libcurl3-gnutls 7.35.0-1ubuntu2.5 libcurl3-nss 7.35.0-1ubuntu2.5

    Ubuntu 12.04 LTS: libcurl3 7.22.0-3ubuntu4.14 libcurl3-gnutls 7.22.0-3ubuntu4.14 libcurl3-nss 7.22.0-3ubuntu4.14

    In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n a-c04986859

    SUPPORT COMMUNICATION - SECURITY BULLETIN

    Document ID: c04986859 Version: 1

    HPSBHF03544 rev.1 - HPE iMC PLAT and other HP and H3C products using Comware 7 and cURL, Remote Unauthorized Access

    NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

    Release Date: 2016-02-19 Last Updated: 2016-02-19

    Potential Security Impact: Remote Unauthorized Access

    Source: Hewlett Packard Enterprise, Product Security Response Team

    VULNERABILITY SUMMARY Potential security vulnerabilities in cURL and libcurl have been addressed with HPE iMC PLAT and other HP and H3C products using Comware 7. The vulnerabilities could be exploited remotely resulting in unauthorized access.

    References:

    • CVE-2015-3143
    • CVE-2015-3148
    • SSRT102110
    • PSRT110028

    SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. Please refer to the RESOLUTION below for a list of impacted products.

    Note: all product versions are impacted prior to the fixed versions listed.

    BACKGROUND

    CVSS 2.0 Base Metrics

    Reference Base Vector Base Score CVE-2015-3143 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2015-3148 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002

    RESOLUTION HPE has released the following software updates to resolve the vulnerabilities in Comware 7 and iMC Plat.

    COMWARE 7 Products

    • 12500 (Comware 7) R7375
      • HP Network Products
      • JC085A HP A12518 Switch Chassis
      • JC086A HP A12508 Switch Chassis
      • JC652A HP 12508 DC Switch Chassis
      • JC653A HP 12518 DC Switch Chassis
      • JC654A HP 12504 AC Switch Chassis
      • JC655A HP 12504 DC Switch Chassis
      • JF430A HP A12518 Switch Chassis
      • JF430B HP 12518 Switch Chassis
      • JF430C HP 12518 AC Switch Chassis
      • JF431A HP A12508 Switch Chassis
      • JF431B HP 12508 Switch Chassis
      • JF431C HP 12508 AC Switch Chassis
      • JC072B HP 12500 Main Processing Unit
      • JG497A HP 12500 MPU w/Comware V7 OS
      • JG782A HP FF 12508E AC Switch Chassis
      • JG783A HP FF 12508E DC Switch Chassis
      • JG784A HP FF 12518E AC Switch Chassis
      • JG785A HP FF 12518E DC Switch Chassis
      • JG802A HP FF 12500E MPU
      • JG836A HP FlexFabric 12518E AC Switch TAA-compliant Chassis
      • JG834A HP FlexFabric 12508E AC Switch TAA-compliant Chassis
      • JG835A HP FlexFabric 12508E DC Switch TAA-compliant Chassis
      • JG837A HP FlexFabric 12518E DC Switch TAA-compliant Chassis
      • JG803A HP FlexFabric 12500E TAA-compliant Main Processing Unit
      • JG796A HP FlexFabric 12500 48-port 10GbE SFP+ FD Module
      • JG790A HP FlexFabric 12500 16-port 40GbE QSFP+ FD Module
      • JG794A HP FlexFabric 12500 40-port 10GbE SFP+ FG Module
      • JG792A HP FlexFabric 12500 40-port 10GbE SFP+ FD Module
      • JG788A HP FlexFabric 12500 4-port 100GbE CFP FG Module
      • JG786A HP FlexFabric 12500 4-port 100GbE CFP FD Module
      • JG797A HP FlexFabric 12500 48-port 10GbE SFP+ FD TAA-compliant Module
      • JG791A HP FlexFabric 12500 16-port 40GbE QSFP+ FD TAA-compliant Module
      • JG795A HP FlexFabric 12500 40-port 10GbE SFP+ FG TAA-compliant Module
      • JG793A HP FlexFabric 12500 40-port 10GbE SFP+ FD TAA-compliant Module
      • JG789A HP FlexFabric 12500 4-port 100GbE CFP FG TAA-compliant Module
      • JG787A HP FlexFabric 12500 4-port 100GbE CFP FD TAA-compliant Module
      • JG798A HP FlexFabric 12508E Fabric Module
      • H3C Products
      • H3C S12508 Routing Switch (AC-1) (0235A0GE)
      • H3C S12518 Routing Switch (AC-1) (0235A0GF)
      • H3C S12508 Chassis (0235A0E6)
      • H3C S12508 Chassis (0235A38N)
      • H3C S12518 Chassis (0235A0E7)
      • H3C S12518 Chassis (0235A38M)
      • H3C 12508 DC Switch Chassis (0235A38L)
      • H3C 12518 DC Switch Chassis (0235A38K)
    • 10500 (Comware 7) R7168
      • HP Network Products
      • JC611A HP 10508-V Switch Chassis
      • JC612A HP 10508 Switch Chassis
      • JC613A HP 10504 Switch Chassis
      • JC748A HP 10512 Switch Chassis
      • JG820A HP 10504 TAA Switch Chassis
      • JG821A HP 10508 TAA Switch Chassis
      • JG822A HP 10508-V TAA Switch Chassis
      • JG823A HP 10512 TAA Switch Chassis
      • JG496A HP 10500 Type A MPU w/Comware v7 OS
      • JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating System
      • JH191A HP 10500 44-port GbE(SFP,LC)/ 4-port 10GbE SFP+ (SFP+,LC) SE Module
      • JH192A HP 10500 48-port Gig-T (RJ45) SE Module
      • JH193A HP 10500 16-port 10GbE SFP+ (SFP+,LC) SF Module
      • JH194A HP 10500 24-port 10GbE SFP+ (SFP+,LC) EC Module
      • JH195A HP 10500 6-port 40GbE QSFP+ EC Module
      • JH196A HP 10500 2-port 100GbE CFP EC Module
      • JH197A HP 10500 48-port 10GbE SFP+ (SFP+,LC) SG Module
    • 12900 (Comware 7) R1137
      • HP Network Products
      • JG619A HP FlexFabric 12910 Switch AC Chassis
      • JG621A HP FlexFabric 12910 Main Processing Unit
      • JG632A HP FlexFabric 12916 Switch AC Chassis
      • JG634A HP FlexFabric 12916 Main Processing Unit
      • JH104A HP FlexFabric 12900E Main Processing Unit
      • JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit
      • JH263A HP FlexFabric 12904E Main Processing Unit
      • JH255A HP FlexFabric 12908E Switch Chassis
      • JH262A HP FlexFabric 12904E Switch Chassis
      • JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis
      • JH103A HP FlexFabric 12916E Switch Chassis
    • 5900 (Comware 7) R2422P01
      • HP Network Products
      • JC772A HP 5900AF-48XG-4QSFP+ Switch
      • JG336A HP 5900AF-48XGT-4QSFP+ Switch
      • JG510A HP 5900AF-48G-4XG-2QSFP+ Switch
      • JG554A HP 5900AF-48XG-4QSFP+ TAA Switch
      • JG838A HP FF 5900CP-48XG-4QSFP+ Switch
      • JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant
      • JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch
      • JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant
    • 5920 (Comware 7) R2422P01
      • HP Network Products
      • JG296A HP 5920AF-24XG Switch
      • JG555A HP 5920AF-24XG TAA Switch
    • MSR1000 (Comware 7) R0304P04
      • HP Network Products
      • JG875A HP MSR1002-4 AC Router
      • JH060A HP MSR1003-8S AC Router
    • MSR2000 (Comware 7) R0304P04
      • HP Network Products
      • JG411A HP MSR2003 AC Router
      • JG734A HP MSR2004-24 AC Router
      • JG735A HP MSR2004-48 Router
      • JG866A HP MSR2003 TAA-compliant AC Router
    • MSR3000 (Comware 7) R0304P04
      • HP Network Products
      • JG404A HP MSR3064 Router
      • JG405A HP MSR3044 Router
      • JG406A HP MSR3024 AC Router
      • JG407A HP MSR3024 DC Router
      • JG408A HP MSR3024 PoE Router
      • JG409A HP MSR3012 AC Router
      • JG410A HP MSR3012 DC Router
      • JG861A HP MSR3024 TAA-compliant AC Router
    • MSR4000 (Comware 7) R0304P04
      • HP Network Products
      • JG402A HP MSR4080 Router Chassis
      • JG403A HP MSR4060 Router Chassis
      • JG412A HP MSR4000 MPU-100 Main Processing Unit
      • JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit
    • VSR (Comware 7) E0321
      • HP Network Products
      • JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software
      • JG811AAE HP VSR1001 Comware 7 Virtual Services Router
      • JG812AAE HP VSR1004 Comware 7 Virtual Services Router
      • JG813AAE HP VSR1008 Comware 7 Virtual Services Router
    • 7900 (Comware 7) R2137
      • HP Network Products
      • JG682A HP FlexFabric 7904 Switch Chassis
      • JG841A HP FlexFabric 7910 Switch Chassis
      • JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit
      • JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit
      • JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis
      • JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis
      • JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main Processing Unit
      • JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main Processing Unit
    • 5130 (Comware 7) R3109P09
      • HP Network Products
      • JG932A HP 5130-24G-4SFP+ EI Switch
      • JG933A HP 5130-24G-SFP-4SFP+ EI Switch
      • JG934A HP 5130-48G-4SFP+ EI Switch
      • JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch
      • JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch
      • JG975A HP 5130-24G-4SFP+ EI Brazil Switch
      • JG976A HP 5130-48G-4SFP+ EI Brazil Switch
      • JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch
      • JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch
      • JG938A HP 5130-24G-2SFP+-2XGT EI Switch
      • JG939A HP 5130-48G-2SFP+-2XGT EI Switch
      • JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch
      • JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch
    • 5700 (Comware 7) R2422P01
      • HP Network Products
      • JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch
      • JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch
      • JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch
      • JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch
      • JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch
      • JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch
    • 5930 (Comware 7) R2422P01
      • HP Network Products
      • JG726A HP FlexFabric 5930 32QSFP+ Switch
      • JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch
      • JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch
      • JH179A HP FlexFabric 5930 4-slot Switch
      • JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch
      • JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch
    • HSR6602 (Comware 7) R7103P05
      • HP Network Products
      • JG353A HP HSR6602-G Router
      • JG354A HP HSR6602-XG Router
      • JG776A HP HSR6602-G TAA-compliant Router
      • JG777A HP HSR6602-XG TAA-compliant Router
    • HSR6800 (Comware 7) R7103P05
      • HP Network Products
      • JG361A HP HSR6802 Router Chassis
      • JG361B HP HSR6802 Router Chassis
      • JG362A HP HSR6804 Router Chassis
      • JG362B HP HSR6804 Router Chassis
      • JG363A HP HSR6808 Router Chassis
      • JG363B HP HSR6808 Router Chassis
      • JG364A HP HSR6800 RSE-X2 Router Main Processing Unit
      • JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit
      • JH075A) HP HSR6800 RSE-X3 Router Main Processing Unit
    • 1950 R3109P09
      • HP Network Products
      • JG960A HP 1950-24G-4XG Switch
      • JG961A HP 1950-48G-2SFP+-2XGT Switch
      • JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch
      • JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch

    iMC

    • iMC Plat iMC Plat 7.1 (E0303P13)
      • HP Network Products
      • JD125A HP IMC Std S/W Platform w/100-node
      • JD126A HP IMC Ent S/W Platform w/100-node
      • JD808A HP IMC Ent Platform w/100-node License
      • JD814A HP A-IMC Enterprise Edition Software DVD Media
      • JD815A HP IMC Std Platform w/100-node License
      • JD816A HP A-IMC Standard Edition Software DVD Media
      • JF288AAE HP Network Director to Intelligent Management Center Upgrade E-LTU
      • JF289AAE HP Enterprise Management System to Intelligent Management Center Upgrade E-LTU
      • JF377A HP IMC Std S/W Platform w/100-node Lic
      • JF377AAE HP IMC Std S/W Pltfrm w/100-node E-LTU
      • JF378A HP IMC Ent S/W Platform w/200-node Lic
      • JF378AAE HP IMC Ent S/W Pltfrm w/200-node E-LTU
      • JG546AAE HP IMC Basic SW Platform w/50-node E-LTU
      • JG548AAE HP PCM+ to IMC Bsc Upgr w/50-node E-LTU
      • JG549AAE HP PCM+ to IMC Std Upgr w/200-node E-LTU
      • JG550AAE HP PMM to IMC Bsc WLM Upgr w/150AP E-LTU
      • JG590AAE HP IMC Bsc WLAN Mgr SW Pltfm 50 AP E-LTU
      • JG659AAE HP IMC Smart Connect VAE E-LTU
      • JG660AAE HP IMC Smart Connect w/WLM VAE E-LTU
      • JG747AAE HP IMC Std SW Plat w/ 50 Nodes E-LTU
      • JG748AAE HP IMC Ent SW Plat w/ 50 Nodes E-LTU
      • JG766AAE HP IMC SmCnct Vrtl Applnc SW E-LTU
      • JG767AAE HP IMC SmCnct WSM Vrtl Applnc SW E-LTU
      • JG768AAE HP PCM+ to IMC Std Upg w/ 200-node E-LTU

    HISTORY Version:1 (rev.1) - 19 February 2016 Initial release

    Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.

    Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.

    Report: To report a potential security vulnerability with any HPE supported product, send Email to: security-alert@hpe.com

    Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice

    Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive

    Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.

    3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX

    Copyright 2016 Hewlett Packard Enterprise

    Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. 7) - x86_64

    1. (BZ#1154060)

    2. TLS 1.1 and TLS 1.2 are no longer disabled by default in libcurl. (BZ#1170339)

    3. FTP operations such as downloading files took a significantly long time to complete. Now, the FTP implementation in libcurl correctly sets blocking direction and estimated timeout for connections, resulting in faster FTP transfers. (BZ#1066065)

    4. The libcurl library did not implement a non-blocking SSL handshake, which negatively affected performance of applications based on the libcurl multi API. The non-blocking SSL handshake has been implemented in libcurl, and the libcurl multi API now immediately returns the control back to the application whenever it cannot read or write data from or to the underlying network socket. (BZ#1091429)

    5. The libcurl library used an unnecessarily long blocking delay for actions with no active file descriptors, even for short operations. Some actions, such as resolving a host name using /etc/hosts, took a long time to complete. The blocking code in libcurl has been modified so that the initial delay is short and gradually increases until an event occurs.

    Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/curl-7.45.0-i486-1_slack14.1.txz: Upgraded. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3144 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3145 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3236 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3237 ( Security fix ) +--------------------------+

    Where to find the new packages: +-----------------------------+

    Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)

    Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.

    Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/curl-7.45.0-i486-1_slack13.0.txz

    Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/curl-7.45.0-x86_64-1_slack13.0.txz

    Updated package for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/curl-7.45.0-i486-1_slack13.1.txz

    Updated package for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/curl-7.45.0-x86_64-1_slack13.1.txz

    Updated package for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/curl-7.45.0-i486-1_slack13.37.txz

    Updated package for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/curl-7.45.0-x86_64-1_slack13.37.txz

    Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/curl-7.45.0-i486-1_slack14.0.txz

    Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/curl-7.45.0-x86_64-1_slack14.0.txz

    Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/curl-7.45.0-i486-1_slack14.1.txz

    Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/curl-7.45.0-x86_64-1_slack14.1.txz

    Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/curl-7.45.0-i586-1.txz

    Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/curl-7.45.0-x86_64-1.txz

    MD5 signatures: +-------------+

    Slackware 13.0 package: e9307566f43c3c12ac72f12cea688741 curl-7.45.0-i486-1_slack13.0.txz

    Slackware x86_64 13.0 package: 5fe5a7733ce969f8f468c6b03cf6b1f7 curl-7.45.0-x86_64-1_slack13.0.txz

    Slackware 13.1 package: 9d3d5ccbae7284c84c4667885bf9fd0d curl-7.45.0-i486-1_slack13.1.txz

    Slackware x86_64 13.1 package: 7e7f04d3de8d34b8b082729ceaa53ba9 curl-7.45.0-x86_64-1_slack13.1.txz

    Slackware 13.37 package: 00bd418a8607ea74d1986c08d5358052 curl-7.45.0-i486-1_slack13.37.txz

    Slackware x86_64 13.37 package: 23e7da7ab6846fed5d18b5f5399ac400 curl-7.45.0-x86_64-1_slack13.37.txz

    Slackware 14.0 package: 76f010b92c755f16f19840723d845e21 curl-7.45.0-i486-1_slack14.0.txz

    Slackware x86_64 14.0 package: daf0b67147a50e44d89f8852632fcdf7 curl-7.45.0-x86_64-1_slack14.0.txz

    Slackware 14.1 package: 8c2a5796d4a4ce840a767423667eb97b curl-7.45.0-i486-1_slack14.1.txz

    Slackware x86_64 14.1 package: 763157115101b63867217707ff4a9021 curl-7.45.0-x86_64-1_slack14.1.txz

    Slackware -current package: 0c2d192aff4af6f74281a1d724d31ce3 n/curl-7.45.0-i586-1.txz

    Slackware x86_64 -current package: 4791e2bb2afd43ec0642d94e22259e81 n/curl-7.45.0-x86_64-1.txz

    Installation instructions: +------------------------+

    Upgrade the package as root:

    upgradepkg curl-7.45.0-i486-1_slack14.1.txz

    +-----+

    Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com

    +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Moderate: curl security, bug fix, and enhancement update Advisory ID: RHSA-2015:1254-02 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1254.html Issue date: 2015-07-22 Updated on: 2014-12-15 CVE Names: CVE-2014-3613 CVE-2014-3707 CVE-2014-8150 CVE-2015-3143 CVE-2015-3148 =====================================================================

    1. Summary:

    Updated curl packages that fix multiple security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6.

    Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

    1. Description:

    The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

    It was found that the libcurl library did not correctly handle partial literal IP addresses when parsing received HTTP cookies. An attacker able to trick a user into connecting to a malicious server could use this flaw to set the user's cookie to a crafted domain, making other cookie-related issues easier to exploit. (CVE-2014-3613)

    A flaw was found in the way the libcurl library performed the duplication of connection handles. If an application set the CURLOPT_COPYPOSTFIELDS option for a handle, using the handle's duplicate could cause the application to crash or disclose a portion of its memory. (CVE-2014-3707)

    It was discovered that the libcurl library failed to properly handle URLs with embedded end-of-line characters. An attacker able to make an application using libcurl to access a specially crafted URL via an HTTP proxy could use this flaw to inject additional headers to the request or construct additional requests. (CVE-2014-8150)

    It was discovered that libcurl implemented aspects of the NTLM and Negotatiate authentication incorrectly. If an application uses libcurl and the affected mechanisms in a specifc way, certain requests to a previously NTLM-authenticated server could appears as sent by the wrong authenticated user. Additionally, the initial set of credentials for HTTP Negotiate-authenticated requests could be reused in subsequent requests, although a different set of credentials was specified. (CVE-2015-3143, CVE-2015-3148)

    Red Hat would like to thank the cURL project for reporting these issues.

    Bug fixes:

    • An out-of-protocol fallback to SSL version 3.0 (SSLv3.0) was available with libcurl. Attackers could abuse the fallback to force downgrade of the SSL version. The fallback has been removed from libcurl. Users requiring this functionality can explicitly enable SSLv3.0 through the libcurl API. (BZ#1154059)

    • A single upload transfer through the FILE protocol opened the destination file twice. If the inotify kernel subsystem monitored the file, two events were produced unnecessarily. The file is now opened only once per upload. (BZ#883002)

    • Utilities using libcurl for SCP/SFTP transfers could terminate unexpectedly when the system was running in FIPS mode. (BZ#1008178)

    • Using the "--retry" option with the curl utility could cause curl to terminate unexpectedly with a segmentation fault. Now, adding "--retry" no longer causes curl to crash. (BZ#1009455)

    • The "curl --trace-time" command did not use the correct local time when printing timestamps. Now, "curl --trace-time" works as expected. (BZ#1120196)

    • The valgrind utility could report dynamically allocated memory leaks on curl exit. Now, curl performs a global shutdown of the NetScape Portable Runtime (NSPR) library on exit, and valgrind no longer reports the memory leaks. (BZ#1146528)

    • Previously, libcurl returned an incorrect value of the CURLINFO_HEADER_SIZE field when a proxy server appended its own headers to the HTTP response. Now, the returned value is valid. (BZ#1161163)

    Enhancements:

    • The "--tlsv1.0", "--tlsv1.1", and "--tlsv1.2" options are available for specifying the minor version of the TLS protocol to be negotiated by NSS. The "--tlsv1" option now negotiates the highest version of the TLS protocol supported by both the client and the server. (BZ#1012136)

    • It is now possible to explicitly enable or disable the ECC and the new AES cipher suites to be used for TLS. (BZ#1058767, BZ#1156422)

    All curl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.

    1. Solution:

    Before applying this update, make sure all previously released errata relevant to your system have been applied.

    For details on how to apply this update, refer to:

    https://access.redhat.com/articles/11258

    1. Bugs fixed (https://bugzilla.redhat.com/):

    835898 - Bug in DNS cache causes connections until restart of libcurl-using processes 883002 - curl used with file:// protocol opens and closes a destination file twice 997185 - sendrecv.c example incorrect type for sockfd 1008178 - curl scp download fails in fips mode 1011083 - CA certificate cannot be specified by nickname [documentation bug] 1011101 - manpage typos found using aspell 1058767 - curl does not support ECDSA certificates 1104160 - Link in curl man page is wrong 1136154 - CVE-2014-3613 curl: incorrect handling of IP addresses in cookie domain 1154059 - curl: Disable out-of-protocol fallback to SSL 3.0 1154747 - NTLM: ignore CURLOPT_FORBID_REUSE during NTLM HTTP auth 1154941 - CVE-2014-3707 curl: incorrect handle duplication after COPYPOSTFIELDS 1156422 - curl does not allow explicit control of DHE ciphers 1161163 - Response headers added by proxy servers missing in CURLINFO_HEADER_SIZE 1168137 - curl closes connection after HEAD request fails 1178692 - CVE-2014-8150 curl: URL request injection vulnerability in parseurlandfillconn() 1213306 - CVE-2015-3143 curl: re-using authenticated connection when unauthenticated 1213351 - CVE-2015-3148 curl: Negotiate not treated as connection-oriented

    1. Package List:

    Red Hat Enterprise Linux Desktop (v. 6):

    Source: curl-7.19.7-46.el6.src.rpm

    i386: curl-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.i686.rpm

    x86_64: curl-7.19.7-46.el6.x86_64.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.x86_64.rpm libcurl-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.x86_64.rpm

    Red Hat Enterprise Linux Desktop Optional (v. 6):

    i386: curl-debuginfo-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.i686.rpm

    x86_64: curl-debuginfo-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.x86_64.rpm libcurl-devel-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.x86_64.rpm

    Red Hat Enterprise Linux HPC Node (v. 6):

    Source: curl-7.19.7-46.el6.src.rpm

    x86_64: curl-7.19.7-46.el6.x86_64.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.x86_64.rpm libcurl-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.x86_64.rpm

    Red Hat Enterprise Linux HPC Node Optional (v. 6):

    x86_64: curl-debuginfo-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.x86_64.rpm libcurl-devel-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 6):

    Source: curl-7.19.7-46.el6.src.rpm

    i386: curl-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.i686.rpm

    ppc64: curl-7.19.7-46.el6.ppc64.rpm curl-debuginfo-7.19.7-46.el6.ppc.rpm curl-debuginfo-7.19.7-46.el6.ppc64.rpm libcurl-7.19.7-46.el6.ppc.rpm libcurl-7.19.7-46.el6.ppc64.rpm libcurl-devel-7.19.7-46.el6.ppc.rpm libcurl-devel-7.19.7-46.el6.ppc64.rpm

    s390x: curl-7.19.7-46.el6.s390x.rpm curl-debuginfo-7.19.7-46.el6.s390.rpm curl-debuginfo-7.19.7-46.el6.s390x.rpm libcurl-7.19.7-46.el6.s390.rpm libcurl-7.19.7-46.el6.s390x.rpm libcurl-devel-7.19.7-46.el6.s390.rpm libcurl-devel-7.19.7-46.el6.s390x.rpm

    x86_64: curl-7.19.7-46.el6.x86_64.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.x86_64.rpm libcurl-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.x86_64.rpm libcurl-devel-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.x86_64.rpm

    Red Hat Enterprise Linux Workstation (v. 6):

    Source: curl-7.19.7-46.el6.src.rpm

    i386: curl-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.i686.rpm

    x86_64: curl-7.19.7-46.el6.x86_64.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.x86_64.rpm libcurl-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.x86_64.rpm libcurl-devel-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. References:

    https://access.redhat.com/security/cve/CVE-2014-3613 https://access.redhat.com/security/cve/CVE-2014-3707 https://access.redhat.com/security/cve/CVE-2014-8150 https://access.redhat.com/security/cve/CVE-2015-3143 https://access.redhat.com/security/cve/CVE-2015-3148 https://access.redhat.com/security/updates/classification/#moderate

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

    iD8DBQFVrzSJXlSAg2UNWIIRAnEiAJ9xqOogsAzooomZ4VeMgA+gUwEuTwCfTzMn emWApg/iYw5vIs3rWoqmU7A= =p+Xb -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148 http://advisories.mageia.org/MGASA-2015-0179.html


    Updated Packages:

    Mandriva Business Server 1/X86_64: fd3f4894f5c5215c29b84d70f2c6ada2 mbs1/x86_64/curl-7.24.0-3.9.mbs1.x86_64.rpm a00d0747b4d6ae22475948119a42efc4 mbs1/x86_64/curl-examples-7.24.0-3.9.mbs1.x86_64.rpm d5291ae320dd5766e4b981ff66b36e19 mbs1/x86_64/lib64curl4-7.24.0-3.9.mbs1.x86_64.rpm 62d5295190433ca4ff7d2cda746d6b16 mbs1/x86_64/lib64curl-devel-7.24.0-3.9.mbs1.x86_64.rpm 5bcf6538291f947870a9ccfe62c9ea6d mbs1/SRPMS/curl-7.24.0-3.9.mbs1.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing:

    gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

    You can view other update advisories for Mandriva Linux at:

    http://www.mandriva.com/en/support/security/advisories/

    If you want to report vulnerabilities, please contact

    security_(at)_mandriva.com


    Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)

    iD8DBQFVRx8emqjQ0CJFipgRAsfvAJ9Sn2C56m2GSJfYRC+l1x9iUmoePwCeOcgv C0vndeaT5lGPwsIYy65q4r4= =GbzX -----END PGP SIGNATURE-----

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "haxx",
            "version": "7.34.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "haxx",
            "version": "7.27.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "haxx",
            "version": "7.31.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "haxx",
            "version": "7.29.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "haxx",
            "version": "7.28.1"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "haxx",
            "version": "7.28.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "haxx",
            "version": "7.35.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "haxx",
            "version": "7.32.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "haxx",
            "version": "7.30.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "haxx",
            "version": "7.33.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.10.8"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.19.4"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.10.8"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.16.3"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.21.5"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.16.3"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.10.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.22.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.21.5"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.22.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.15.1"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.39.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.18.2"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.15.1"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.16.1"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.15.2"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.13.2"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.18.1"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.19.2"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.16.2"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.24.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.34.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.41.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.15.2"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.16.1"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.13.2"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.18.1"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.19.2"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.16.2"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.24.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.41.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.38.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.21.7"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.15.3"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.38.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.21.7"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.36.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.21.6"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.10.1"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.25.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.11.0"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.9.5"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.21.1"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.12.2"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.31.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.11.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.25.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.12.3"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.21.1"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.29.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.14.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.12.3"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.37.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.14.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.17.1"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.28.1"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.15.5"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.17.1"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.19.3"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.15.5"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "12.04"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.19.3"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.21.2"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.18.2"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.20.1"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.10.7"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.21.2"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.16.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.20.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.20.1"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.10.7"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.17.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.16.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.20.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.37.1"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.17.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.19.5"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.37.1"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.19.6"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.19.7"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.10.3"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.15.3"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.19.6"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.19.7"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.11.1"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.39"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.11.1"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.13.1"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.15.0"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "15.04"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.13.1"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.15.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.12.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.12.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.19.1"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.13.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.40.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.16.4"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.19.1"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.13.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.19.5"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.11.2"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.40.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.16.4"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.21.3"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.11.2"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.21.3"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "14.10"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.12.1"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.15.4"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.23.1"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.32.0"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.10.4"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.21.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.26.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.12.1"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.15.4"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.23.1"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.21.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.26.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.19.0"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.10.2"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "14.04"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.10.6"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.19.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.27.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.14.1"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.35.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.21.4"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.18.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.28.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.36.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.10.6"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.14.1"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.21.4"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.21.6"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.18.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.33.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.12.2"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.23.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.30.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "hp",
            "version": "7.5.3.1"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.23.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.19.4"
          },
          {
            "_id": null,
            "model": "ubuntu",
            "scope": null,
            "trust": 0.8,
            "vendor": "canonical",
            "version": null
          },
          {
            "_id": null,
            "model": "gnu/linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "debian",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "haxx",
            "version": "7.10.6 to  7.41.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "haxx",
            "version": "7.10.6 to  7.41.0"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "10.10 to  10.10.4"
          },
          {
            "_id": null,
            "model": "comware",
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "_id": null,
            "model": "hpe intelligent management center plat",
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "_id": null,
            "model": "linux x86 64 -current",
            "scope": null,
            "trust": 0.3,
            "vendor": "slackware",
            "version": null
          },
          {
            "_id": null,
            "model": "linux x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.37"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.37"
          },
          {
            "_id": null,
            "model": "linux x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.1"
          },
          {
            "_id": null,
            "model": "linux x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.0"
          },
          {
            "_id": null,
            "model": "linux -current",
            "scope": null,
            "trust": 0.3,
            "vendor": "slackware",
            "version": null
          },
          {
            "_id": null,
            "model": "hat enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux hpc node optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux hpc node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "0"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.20"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.19.6"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.19.5"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.19.4"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.19.3"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.19"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.18.1"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.18"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.17"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.16.4"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.15.5"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.15.3"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.15.2"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.15.1"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.15"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.14.1"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.14"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.13.2"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.13.1"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.13"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.12.3"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.12.2"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.12.1"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.12"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.11.2"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.11.1"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.11"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.10.8"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.10.7"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.10.6"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.24.0"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.23.1"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.21.7"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.21.6"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.20.2"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.20.1"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.16.3"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "74299"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201504-500"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002484"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3143"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:canonical:ubuntu",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:debian:debian_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:haxx:curl",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:haxx:libcurl",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:apple:mac_os_x",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hp:comware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hp:intelligent_management_center_platform",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hp:system_management_homepage",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002484"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Paras Sethia",
        "sources": [
          {
            "db": "BID",
            "id": "74299"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2015-3143",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2015-3143",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-81104",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2015-3143",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2015-3143",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201504-500",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-81104",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2015-3143",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-81104"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3143"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201504-500"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002484"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3143"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015. cURL/libcURL is prone to a remote security-bypass vulnerability. \nAn attacker can leverage this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. \ncURL/libcURL 7.10.6 through versions 7.41.0 are vulnerable. Both Haxx curl and libcurl are products of the Swedish company Haxx. curl is a set of file transfer tools that use URL syntax to work on the command line. libcurl is a free, open source client-side URL transfer library. ============================================================================\nUbuntu Security Notice USN-2591-1\nApril 30, 2015\n\ncurl vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 15.04\n- Ubuntu 14.10\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in curl. \n\nSoftware Description:\n- curl: HTTP, HTTPS, and FTP client and client libraries\n\nDetails:\n\nParas Sethia discovered that curl could incorrectly re-use NTLM HTTP\ncredentials when subsequently connecting to the same host over HTTP. \n(CVE-2015-3143)\n\nHanno B=C3=B6ck discovered that curl incorrectly handled zero-length host names. \nIf a user or automated system were tricked into using a specially crafted\nhost name, an attacker could possibly use this issue to cause curl to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. This issue only affected Ubuntu 14.10 and Ubuntu 15.04. \nIf a user or automated system were tricked into parsing a specially crafted\ncookie, an attacker could possibly use this issue to cause curl to crash,\nresulting in a denial of service, or possibly execute arbitrary code. This\nissue only affected Ubuntu 14.04 LTS, Ubuntu 14.10 and Ubuntu 15.04. \n(CVE-2015-3145)\n\nIsaac Boukris discovered that when using Negotiate authenticated\nconnections, curl could incorrectly authenticate the entire connection and\nnot just specific HTTP requests. (CVE-2015-3148)\n\nYehezkel Horowitz and Oren Souroujon discovered that curl sent HTTP headers\nboth to servers and proxies by default, contrary to expectations. This\nissue only affected Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-3153)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 15.04:\n  libcurl3                        7.38.0-3ubuntu2.2\n  libcurl3-gnutls                 7.38.0-3ubuntu2.2\n  libcurl3-nss                    7.38.0-3ubuntu2.2\n\nUbuntu 14.10:\n  libcurl3                        7.37.1-1ubuntu3.4\n  libcurl3-gnutls                 7.37.1-1ubuntu3.4\n  libcurl3-nss                    7.37.1-1ubuntu3.4\n\nUbuntu 14.04 LTS:\n  libcurl3                        7.35.0-1ubuntu2.5\n  libcurl3-gnutls                 7.35.0-1ubuntu2.5\n  libcurl3-nss                    7.35.0-1ubuntu2.5\n\nUbuntu 12.04 LTS:\n  libcurl3                        7.22.0-3ubuntu4.14\n  libcurl3-gnutls                 7.22.0-3ubuntu4.14\n  libcurl3-nss                    7.22.0-3ubuntu4.14\n\nIn general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n\na-c04986859\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c04986859\nVersion: 1\n\nHPSBHF03544 rev.1 - HPE iMC PLAT and other HP and H3C products using Comware\n7 and cURL, Remote Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2016-02-19\nLast Updated: 2016-02-19\n\nPotential Security Impact: Remote Unauthorized Access\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities in cURL and libcurl have been addressed\nwith HPE iMC PLAT and other HP and H3C products using Comware 7. The\nvulnerabilities could be exploited remotely resulting in unauthorized access. \n\nReferences:\n\n  - CVE-2015-3143\n  - CVE-2015-3148\n  - SSRT102110\n  - PSRT110028\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nPlease refer to the RESOLUTION\n below for a list of impacted products. \n\nNote: all product versions are impacted prior to the fixed versions listed. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n  Reference              Base Vector             Base Score\nCVE-2015-3143    (AV:N/AC:L/Au:N/C:N/I:P/A:N)       5.0\nCVE-2015-3148    (AV:N/AC:L/Au:N/C:N/I:P/A:N)       5.0\n===========================================================\n             Information on CVSS is documented\n            in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\nHPE has released the following software updates to resolve the\nvulnerabilities in Comware 7 and iMC Plat. \n\n**COMWARE 7 Products**\n\n  + 12500 (Comware 7) R7375\n    * HP Network Products\n      - JC085A HP A12518 Switch Chassis\n      - JC086A HP A12508 Switch Chassis\n      - JC652A HP 12508 DC Switch Chassis\n      - JC653A HP 12518 DC Switch Chassis\n      - JC654A HP 12504 AC Switch Chassis\n      - JC655A HP 12504 DC Switch Chassis\n      - JF430A HP A12518 Switch Chassis\n      - JF430B HP 12518 Switch Chassis\n      - JF430C HP 12518 AC Switch Chassis\n      - JF431A HP A12508 Switch Chassis\n      - JF431B HP 12508 Switch Chassis\n      - JF431C HP 12508 AC Switch Chassis\n      - JC072B HP 12500 Main Processing Unit\n      - JG497A HP 12500 MPU w/Comware V7 OS\n      - JG782A HP FF 12508E AC Switch Chassis\n      - JG783A HP FF 12508E DC Switch Chassis\n      - JG784A HP FF 12518E AC Switch Chassis\n      - JG785A HP FF 12518E DC Switch Chassis\n      - JG802A HP FF 12500E MPU\n      - JG836A HP FlexFabric 12518E AC Switch TAA-compliant Chassis\n      - JG834A HP FlexFabric 12508E AC Switch TAA-compliant Chassis\n      - JG835A HP FlexFabric 12508E DC Switch TAA-compliant Chassis\n      - JG837A HP FlexFabric 12518E DC Switch TAA-compliant Chassis\n      - JG803A HP FlexFabric 12500E TAA-compliant Main Processing Unit\n      - JG796A HP FlexFabric 12500 48-port 10GbE SFP+ FD Module\n      - JG790A HP FlexFabric 12500 16-port 40GbE QSFP+ FD Module\n      - JG794A HP FlexFabric 12500 40-port 10GbE SFP+ FG Module\n      - JG792A HP FlexFabric 12500 40-port 10GbE SFP+ FD Module\n      - JG788A HP FlexFabric 12500 4-port 100GbE CFP FG Module\n      - JG786A HP FlexFabric 12500 4-port 100GbE CFP FD Module\n      - JG797A HP FlexFabric 12500 48-port 10GbE SFP+ FD TAA-compliant Module\n      - JG791A HP FlexFabric 12500 16-port 40GbE QSFP+ FD TAA-compliant\nModule\n      - JG795A HP FlexFabric 12500 40-port 10GbE SFP+ FG TAA-compliant Module\n      - JG793A HP FlexFabric 12500 40-port 10GbE SFP+ FD TAA-compliant Module\n      - JG789A HP FlexFabric 12500 4-port 100GbE CFP FG TAA-compliant Module\n      - JG787A HP FlexFabric 12500 4-port 100GbE CFP FD TAA-compliant Module\n      - JG798A HP FlexFabric 12508E Fabric Module\n    * H3C Products\n      - H3C S12508 Routing Switch (AC-1) (0235A0GE)\n      - H3C S12518 Routing Switch (AC-1) (0235A0GF)\n      - H3C S12508 Chassis (0235A0E6)\n      - H3C S12508 Chassis (0235A38N)\n      - H3C S12518 Chassis (0235A0E7)\n      - H3C S12518 Chassis (0235A38M)\n      - H3C 12508 DC Switch Chassis (0235A38L)\n      - H3C 12518 DC Switch Chassis (0235A38K)\n  + 10500 (Comware 7) R7168\n    * HP Network Products\n      - JC611A HP 10508-V Switch Chassis\n      - JC612A HP 10508 Switch Chassis\n      - JC613A HP 10504 Switch Chassis\n      - JC748A HP 10512 Switch Chassis\n      - JG820A HP 10504 TAA Switch Chassis\n      - JG821A HP 10508 TAA Switch Chassis\n      - JG822A HP 10508-V TAA Switch Chassis\n      - JG823A HP 10512 TAA Switch Chassis\n      - JG496A HP 10500 Type A MPU w/Comware v7 OS\n      - JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating\nSystem\n      - JH191A HP 10500 44-port GbE(SFP,LC)/ 4-port 10GbE SFP+ (SFP+,LC) SE\nModule\n      - JH192A HP 10500 48-port Gig-T (RJ45) SE Module\n      - JH193A HP 10500 16-port 10GbE SFP+ (SFP+,LC) SF Module\n      - JH194A HP 10500 24-port 10GbE SFP+ (SFP+,LC) EC Module\n      - JH195A HP 10500 6-port 40GbE QSFP+ EC Module\n      - JH196A HP 10500 2-port 100GbE CFP EC Module\n      - JH197A HP 10500 48-port 10GbE SFP+ (SFP+,LC) SG Module\n  + 12900 (Comware 7) R1137\n    * HP Network Products\n      - JG619A HP FlexFabric 12910 Switch AC Chassis\n      - JG621A HP FlexFabric 12910 Main Processing Unit\n      - JG632A HP FlexFabric 12916 Switch AC Chassis\n      - JG634A HP FlexFabric 12916 Main Processing Unit\n      - JH104A HP FlexFabric 12900E Main Processing Unit\n      - JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit\n      - JH263A HP FlexFabric 12904E Main Processing Unit\n      - JH255A HP FlexFabric 12908E Switch Chassis\n      - JH262A HP FlexFabric 12904E Switch Chassis\n      - JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis\n      - JH103A HP FlexFabric 12916E Switch Chassis\n  + 5900 (Comware 7) R2422P01\n    * HP Network Products\n      - JC772A HP 5900AF-48XG-4QSFP+ Switch\n      - JG336A HP 5900AF-48XGT-4QSFP+ Switch\n      - JG510A HP 5900AF-48G-4XG-2QSFP+ Switch\n      - JG554A HP 5900AF-48XG-4QSFP+ TAA Switch\n      - JG838A HP FF 5900CP-48XG-4QSFP+ Switch\n      - JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant\n      - JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch\n      - JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant\n  + 5920 (Comware 7) R2422P01\n    * HP Network Products\n      - JG296A HP 5920AF-24XG Switch\n      - JG555A HP 5920AF-24XG TAA Switch\n  + MSR1000 (Comware 7) R0304P04\n    * HP Network Products\n      - JG875A HP MSR1002-4 AC Router\n      - JH060A HP MSR1003-8S AC Router\n  + MSR2000 (Comware 7) R0304P04\n    * HP Network Products\n      - JG411A HP MSR2003 AC Router\n      - JG734A HP MSR2004-24 AC Router\n      - JG735A HP MSR2004-48 Router\n      - JG866A HP MSR2003 TAA-compliant AC Router\n  + MSR3000 (Comware 7) R0304P04\n    * HP Network Products\n      - JG404A HP MSR3064 Router\n      - JG405A HP MSR3044 Router\n      - JG406A HP MSR3024 AC Router\n      - JG407A HP MSR3024 DC Router\n      - JG408A HP MSR3024 PoE Router\n      - JG409A HP MSR3012 AC Router\n      - JG410A HP MSR3012 DC Router\n      - JG861A HP MSR3024 TAA-compliant AC Router\n  + MSR4000 (Comware 7) R0304P04\n    * HP Network Products\n      - JG402A HP MSR4080 Router Chassis\n      - JG403A HP MSR4060 Router Chassis\n      - JG412A HP MSR4000 MPU-100 Main Processing Unit\n      - JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit\n  + VSR (Comware 7) E0321\n    * HP Network Products\n      - JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation\nSoftware\n      - JG811AAE HP VSR1001 Comware 7 Virtual Services Router\n      - JG812AAE HP VSR1004 Comware 7 Virtual Services Router\n      - JG813AAE HP VSR1008 Comware 7 Virtual Services Router\n  + 7900 (Comware 7) R2137\n    * HP Network Products\n      - JG682A HP FlexFabric 7904 Switch Chassis\n      - JG841A HP FlexFabric 7910 Switch Chassis\n      - JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit\n      - JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit\n      - JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis\n      - JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis\n      - JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main\nProcessing Unit\n      - JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main\nProcessing Unit\n  + 5130 (Comware 7) R3109P09\n    * HP Network Products\n      - JG932A HP 5130-24G-4SFP+ EI Switch\n      - JG933A HP 5130-24G-SFP-4SFP+ EI Switch\n      - JG934A HP 5130-48G-4SFP+ EI Switch\n      - JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch\n      - JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch\n      - JG975A HP 5130-24G-4SFP+ EI Brazil Switch\n      - JG976A HP 5130-48G-4SFP+ EI Brazil Switch\n      - JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch\n      - JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch\n      - JG938A HP 5130-24G-2SFP+-2XGT EI Switch\n      - JG939A HP 5130-48G-2SFP+-2XGT EI Switch\n      - JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch\n      - JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch\n  + 5700 (Comware 7) R2422P01\n    * HP Network Products\n      - JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch\n      - JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch\n      - JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch\n      - JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch\n      - JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch\n      - JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch\n  + 5930 (Comware 7) R2422P01\n    * HP Network Products\n      - JG726A HP FlexFabric 5930 32QSFP+ Switch\n      - JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch\n      - JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch\n      - JH179A HP FlexFabric 5930 4-slot Switch\n      - JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch\n      - JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch\n  + HSR6602 (Comware 7) R7103P05\n    * HP Network Products\n      - JG353A HP HSR6602-G Router\n      - JG354A HP HSR6602-XG Router\n      - JG776A HP HSR6602-G TAA-compliant Router\n      - JG777A HP HSR6602-XG TAA-compliant Router\n  + HSR6800 (Comware 7) R7103P05\n    * HP Network Products\n      - JG361A HP HSR6802 Router Chassis\n      - JG361B HP HSR6802 Router Chassis\n      - JG362A HP HSR6804 Router Chassis\n      - JG362B HP HSR6804 Router Chassis\n      - JG363A HP HSR6808 Router Chassis\n      - JG363B HP HSR6808 Router Chassis\n      - JG364A HP HSR6800 RSE-X2 Router Main Processing Unit\n      - JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit\n      - JH075A) HP HSR6800 RSE-X3 Router Main Processing Unit\n  + 1950 R3109P09\n    * HP Network Products\n      - JG960A HP 1950-24G-4XG Switch\n      - JG961A HP 1950-48G-2SFP+-2XGT Switch\n      - JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch\n      - JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch\n\n**iMC**\n\n  + iMC Plat iMC Plat 7.1 (E0303P13)\n    * HP Network Products\n      - JD125A  HP IMC Std S/W Platform w/100-node\n      - JD126A  HP IMC Ent S/W Platform w/100-node\n      - JD808A  HP IMC Ent Platform w/100-node License\n      - JD814A   HP A-IMC Enterprise Edition Software DVD Media\n      - JD815A  HP IMC Std Platform w/100-node License\n      - JD816A  HP A-IMC Standard Edition Software DVD Media\n      - JF288AAE  HP Network Director to Intelligent Management Center\nUpgrade E-LTU\n      - JF289AAE  HP Enterprise Management System to Intelligent Management\nCenter Upgrade E-LTU\n      - JF377A  HP IMC Std S/W Platform w/100-node Lic\n      - JF377AAE  HP IMC Std S/W Pltfrm w/100-node E-LTU\n      - JF378A  HP IMC Ent S/W Platform w/200-node Lic\n      - JF378AAE  HP IMC Ent S/W Pltfrm w/200-node E-LTU\n      - JG546AAE  HP IMC Basic SW Platform w/50-node E-LTU\n      - JG548AAE  HP PCM+ to IMC Bsc Upgr w/50-node E-LTU\n      - JG549AAE  HP PCM+ to IMC Std Upgr w/200-node E-LTU\n      - JG550AAE  HP PMM to IMC Bsc WLM Upgr w/150AP E-LTU\n      - JG590AAE  HP IMC Bsc WLAN Mgr SW Pltfm 50 AP E-LTU\n      - JG659AAE  HP IMC Smart Connect VAE E-LTU\n      - JG660AAE  HP IMC Smart Connect w/WLM VAE E-LTU\n      - JG747AAE  HP IMC Std SW Plat w/ 50 Nodes E-LTU\n      - JG748AAE  HP IMC Ent SW Plat w/ 50 Nodes E-LTU\n      - JG766AAE  HP IMC SmCnct Vrtl Applnc SW E-LTU\n      - JG767AAE  HP IMC SmCnct WSM Vrtl Applnc SW E-LTU\n      - JG768AAE  HP PCM+ to IMC Std Upg w/ 200-node E-LTU\n\nHISTORY\nVersion:1 (rev.1) - 19 February 2016 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability with any HPE supported\nproduct, send Email to: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners. 7) - x86_64\n\n3. \n(BZ#1154060)\n\n* TLS 1.1 and TLS 1.2 are no longer disabled by default in libcurl. (BZ#1170339)\n\n* FTP operations such as downloading files took a significantly long time\nto complete. Now, the FTP implementation in libcurl correctly sets blocking\ndirection and estimated timeout for connections, resulting in faster FTP\ntransfers. (BZ#1066065)\n\n* The libcurl library did not implement a non-blocking SSL handshake, which\nnegatively affected performance of applications based on the libcurl multi\nAPI. The non-blocking SSL handshake has been implemented in libcurl, and\nthe libcurl multi API now immediately returns the control back to the\napplication whenever it cannot read or write data from or to the underlying\nnetwork socket. (BZ#1091429)\n\n* The libcurl library used an unnecessarily long blocking delay for actions\nwith no active file descriptors, even for short operations. Some actions,\nsuch as resolving a host name using /etc/hosts, took a long time to\ncomplete. The blocking code in libcurl has been modified so that the\ninitial delay is short and gradually increases until an event occurs. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/curl-7.45.0-i486-1_slack14.1.txz:  Upgraded. \n  For more information, see:\n    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143\n    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3144\n    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3145\n    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148\n    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3236\n    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3237\n  (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project!  :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/curl-7.45.0-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/curl-7.45.0-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/curl-7.45.0-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/curl-7.45.0-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/curl-7.45.0-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/curl-7.45.0-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/curl-7.45.0-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/curl-7.45.0-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/curl-7.45.0-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/curl-7.45.0-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/curl-7.45.0-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/curl-7.45.0-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 13.0 package:\ne9307566f43c3c12ac72f12cea688741  curl-7.45.0-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n5fe5a7733ce969f8f468c6b03cf6b1f7  curl-7.45.0-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\n9d3d5ccbae7284c84c4667885bf9fd0d  curl-7.45.0-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\n7e7f04d3de8d34b8b082729ceaa53ba9  curl-7.45.0-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\n00bd418a8607ea74d1986c08d5358052  curl-7.45.0-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\n23e7da7ab6846fed5d18b5f5399ac400  curl-7.45.0-x86_64-1_slack13.37.txz\n\nSlackware 14.0 package:\n76f010b92c755f16f19840723d845e21  curl-7.45.0-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\ndaf0b67147a50e44d89f8852632fcdf7  curl-7.45.0-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n8c2a5796d4a4ce840a767423667eb97b  curl-7.45.0-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n763157115101b63867217707ff4a9021  curl-7.45.0-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n0c2d192aff4af6f74281a1d724d31ce3  n/curl-7.45.0-i586-1.txz\n\nSlackware x86_64 -current package:\n4791e2bb2afd43ec0642d94e22259e81  n/curl-7.45.0-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg curl-7.45.0-i486-1_slack14.1.txz\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list:                          |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message:                                                     |\n|                                                                        |\n|   unsubscribe slackware-security                                       |\n|                                                                        |\n| You will get a confirmation message back containing instructions to    |\n| complete the process.  Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Moderate: curl security, bug fix, and enhancement update\nAdvisory ID:       RHSA-2015:1254-02\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2015-1254.html\nIssue date:        2015-07-22\nUpdated on:        2014-12-15\nCVE Names:         CVE-2014-3613 CVE-2014-3707 CVE-2014-8150 \n                   CVE-2015-3143 CVE-2015-3148 \n=====================================================================\n\n1. Summary:\n\nUpdated curl packages that fix multiple security issues, several bugs, and\nadd two enhancements are now available for Red Hat Enterprise Linux 6. \n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\n\n3. Description:\n\nThe curl packages provide the libcurl library and the curl utility for\ndownloading files from servers using various protocols, including HTTP,\nFTP, and LDAP. \n\nIt was found that the libcurl library did not correctly handle partial\nliteral IP addresses when parsing received HTTP cookies. An attacker able\nto trick a user into connecting to a malicious server could use this flaw\nto set the user\u0027s cookie to a crafted domain, making other cookie-related\nissues easier to exploit. (CVE-2014-3613)\n\nA flaw was found in the way the libcurl library performed the duplication\nof connection handles. If an application set the CURLOPT_COPYPOSTFIELDS\noption for a handle, using the handle\u0027s duplicate could cause the\napplication to crash or disclose a portion of its memory. (CVE-2014-3707)\n\nIt was discovered that the libcurl library failed to properly handle URLs\nwith embedded end-of-line characters. An attacker able to make an\napplication using libcurl to access a specially crafted URL via an HTTP\nproxy could use this flaw to inject additional headers to the request or\nconstruct additional requests. (CVE-2014-8150)\n\nIt was discovered that libcurl implemented aspects of the NTLM and\nNegotatiate authentication incorrectly. If an application uses libcurl\nand the affected mechanisms in a specifc way, certain requests to a\npreviously NTLM-authenticated server could appears as sent by the wrong\nauthenticated user. Additionally, the initial set of credentials for HTTP\nNegotiate-authenticated requests could be reused in subsequent requests,\nalthough a different set of credentials was specified. (CVE-2015-3143,\nCVE-2015-3148)\n\nRed Hat would like to thank the cURL project for reporting these issues. \n\nBug fixes:\n\n* An out-of-protocol fallback to SSL version 3.0 (SSLv3.0) was available\nwith libcurl. Attackers could abuse the fallback to force downgrade of the\nSSL version. The fallback has been removed from libcurl. Users requiring\nthis functionality can explicitly enable SSLv3.0 through the libcurl API. \n(BZ#1154059)\n\n* A single upload transfer through the FILE protocol opened the destination\nfile twice. If the inotify kernel subsystem monitored the file, two events\nwere produced unnecessarily. The file is now opened only once per upload. \n(BZ#883002)\n\n* Utilities using libcurl for SCP/SFTP transfers could terminate\nunexpectedly when the system was running in FIPS mode. (BZ#1008178)\n\n* Using the \"--retry\" option with the curl utility could cause curl to\nterminate unexpectedly with a segmentation fault. Now, adding \"--retry\" no\nlonger causes curl to crash. (BZ#1009455)\n\n* The \"curl --trace-time\" command did not use the correct local time when\nprinting timestamps. Now, \"curl --trace-time\" works as expected. \n(BZ#1120196)\n\n* The valgrind utility could report dynamically allocated memory leaks on\ncurl exit. Now, curl performs a global shutdown of the NetScape Portable\nRuntime (NSPR) library on exit, and valgrind no longer reports the memory\nleaks. (BZ#1146528)\n\n* Previously, libcurl returned an incorrect value of the\nCURLINFO_HEADER_SIZE field when a proxy server appended its own headers to\nthe HTTP response. Now, the returned value is valid. (BZ#1161163)\n\nEnhancements:\n\n* The \"--tlsv1.0\", \"--tlsv1.1\", and \"--tlsv1.2\" options are available for\nspecifying the minor version of the TLS protocol to be negotiated by NSS. \nThe \"--tlsv1\" option now negotiates the highest version of the TLS protocol\nsupported by both the client and the server. (BZ#1012136)\n\n* It is now possible to explicitly enable or disable the ECC and the new\nAES cipher suites to be used for TLS. (BZ#1058767, BZ#1156422)\n\nAll curl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n835898 - Bug in DNS cache causes connections until restart of libcurl-using processes\n883002 - curl used with file:// protocol opens and closes a destination file twice\n997185 - sendrecv.c example incorrect type for sockfd\n1008178 - curl scp download fails in fips mode\n1011083 - CA certificate cannot be specified by nickname [documentation bug]\n1011101 - manpage typos found using aspell\n1058767 - curl does not support ECDSA certificates\n1104160 - Link in curl man page is wrong\n1136154 - CVE-2014-3613 curl: incorrect handling of IP addresses in cookie domain\n1154059 - curl: Disable out-of-protocol fallback to SSL 3.0\n1154747 - NTLM: ignore CURLOPT_FORBID_REUSE during NTLM HTTP auth\n1154941 - CVE-2014-3707 curl: incorrect handle duplication after COPYPOSTFIELDS\n1156422 - curl does not allow explicit control of DHE ciphers\n1161163 - Response headers added by proxy servers missing in CURLINFO_HEADER_SIZE\n1168137 - curl closes connection after HEAD request fails\n1178692 - CVE-2014-8150 curl: URL request injection vulnerability in parseurlandfillconn()\n1213306 - CVE-2015-3143 curl: re-using authenticated connection when unauthenticated\n1213351 - CVE-2015-3148 curl: Negotiate not treated as connection-oriented\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\ncurl-7.19.7-46.el6.src.rpm\n\ni386:\ncurl-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\n\nx86_64:\ncurl-7.19.7-46.el6.x86_64.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.x86_64.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\n\nx86_64:\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.x86_64.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\ncurl-7.19.7-46.el6.src.rpm\n\nx86_64:\ncurl-7.19.7-46.el6.x86_64.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.x86_64.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.x86_64.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\ncurl-7.19.7-46.el6.src.rpm\n\ni386:\ncurl-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\n\nppc64:\ncurl-7.19.7-46.el6.ppc64.rpm\ncurl-debuginfo-7.19.7-46.el6.ppc.rpm\ncurl-debuginfo-7.19.7-46.el6.ppc64.rpm\nlibcurl-7.19.7-46.el6.ppc.rpm\nlibcurl-7.19.7-46.el6.ppc64.rpm\nlibcurl-devel-7.19.7-46.el6.ppc.rpm\nlibcurl-devel-7.19.7-46.el6.ppc64.rpm\n\ns390x:\ncurl-7.19.7-46.el6.s390x.rpm\ncurl-debuginfo-7.19.7-46.el6.s390.rpm\ncurl-debuginfo-7.19.7-46.el6.s390x.rpm\nlibcurl-7.19.7-46.el6.s390.rpm\nlibcurl-7.19.7-46.el6.s390x.rpm\nlibcurl-devel-7.19.7-46.el6.s390.rpm\nlibcurl-devel-7.19.7-46.el6.s390x.rpm\n\nx86_64:\ncurl-7.19.7-46.el6.x86_64.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.x86_64.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.x86_64.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\ncurl-7.19.7-46.el6.src.rpm\n\ni386:\ncurl-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\n\nx86_64:\ncurl-7.19.7-46.el6.x86_64.rpm\ncurl-debuginfo-7.19.7-46.el6.i686.rpm\ncurl-debuginfo-7.19.7-46.el6.x86_64.rpm\nlibcurl-7.19.7-46.el6.i686.rpm\nlibcurl-7.19.7-46.el6.x86_64.rpm\nlibcurl-devel-7.19.7-46.el6.i686.rpm\nlibcurl-devel-7.19.7-46.el6.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-3613\nhttps://access.redhat.com/security/cve/CVE-2014-3707\nhttps://access.redhat.com/security/cve/CVE-2014-8150\nhttps://access.redhat.com/security/cve/CVE-2015-3143\nhttps://access.redhat.com/security/cve/CVE-2015-3148\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFVrzSJXlSAg2UNWIIRAnEiAJ9xqOogsAzooomZ4VeMgA+gUwEuTwCfTzMn\nemWApg/iYw5vIs3rWoqmU7A=\n=p+Xb\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148\n http://advisories.mageia.org/MGASA-2015-0179.html\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 1/X86_64:\n fd3f4894f5c5215c29b84d70f2c6ada2  mbs1/x86_64/curl-7.24.0-3.9.mbs1.x86_64.rpm\n a00d0747b4d6ae22475948119a42efc4  mbs1/x86_64/curl-examples-7.24.0-3.9.mbs1.x86_64.rpm\n d5291ae320dd5766e4b981ff66b36e19  mbs1/x86_64/lib64curl4-7.24.0-3.9.mbs1.x86_64.rpm\n 62d5295190433ca4ff7d2cda746d6b16  mbs1/x86_64/lib64curl-devel-7.24.0-3.9.mbs1.x86_64.rpm \n 5bcf6538291f947870a9ccfe62c9ea6d  mbs1/SRPMS/curl-7.24.0-3.9.mbs1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFVRx8emqjQ0CJFipgRAsfvAJ9Sn2C56m2GSJfYRC+l1x9iUmoePwCeOcgv\nC0vndeaT5lGPwsIYy65q4r4=\n=GbzX\n-----END PGP SIGNATURE-----\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-3143"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002484"
          },
          {
            "db": "BID",
            "id": "74299"
          },
          {
            "db": "VULHUB",
            "id": "VHN-81104"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3143"
          },
          {
            "db": "PACKETSTORM",
            "id": "131699"
          },
          {
            "db": "PACKETSTORM",
            "id": "135878"
          },
          {
            "db": "PACKETSTORM",
            "id": "134443"
          },
          {
            "db": "PACKETSTORM",
            "id": "134138"
          },
          {
            "db": "PACKETSTORM",
            "id": "132792"
          },
          {
            "db": "PACKETSTORM",
            "id": "131726"
          }
        ],
        "trust": 2.61
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-81104",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-81104"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2015-3143",
            "trust": 3.5
          },
          {
            "db": "JUNIPER",
            "id": "JSA10743",
            "trust": 1.5
          },
          {
            "db": "BID",
            "id": "74299",
            "trust": 1.5
          },
          {
            "db": "SECTRACK",
            "id": "1032232",
            "trust": 1.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002484",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201504-500",
            "trust": 0.7
          },
          {
            "db": "SECUNIA",
            "id": "64164",
            "trust": 0.6
          },
          {
            "db": "SECUNIA",
            "id": "64284",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "131699",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "135878",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "131726",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "134138",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "133700",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "131588",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "131727",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-81104",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3143",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "134443",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "132792",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-81104"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3143"
          },
          {
            "db": "BID",
            "id": "74299"
          },
          {
            "db": "PACKETSTORM",
            "id": "131699"
          },
          {
            "db": "PACKETSTORM",
            "id": "135878"
          },
          {
            "db": "PACKETSTORM",
            "id": "134443"
          },
          {
            "db": "PACKETSTORM",
            "id": "134138"
          },
          {
            "db": "PACKETSTORM",
            "id": "132792"
          },
          {
            "db": "PACKETSTORM",
            "id": "131726"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201504-500"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002484"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3143"
          }
        ]
      },
      "id": "VAR-201504-0147",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-81104"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T23:26:35.745000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006",
            "trust": 0.8,
            "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
          },
          {
            "title": "HT205031",
            "trust": 0.8,
            "url": "https://support.apple.com/en-us/HT205031"
          },
          {
            "title": "HT205031",
            "trust": 0.8,
            "url": "https://support.apple.com/ja-jp/HT205031"
          },
          {
            "title": "DSA-3232",
            "trust": 0.8,
            "url": "https://www.debian.org/security/2015/dsa-3232"
          },
          {
            "title": "HPSBHF03544",
            "trust": 0.8,
            "url": "http://marc.info/?l=bugtraq\u0026m=145612005512270\u0026w=2"
          },
          {
            "title": "HPSBMU03546",
            "trust": 0.8,
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
          },
          {
            "title": "Re-using authenticated connection when unauthenticated",
            "trust": 0.8,
            "url": "http://curl.haxx.se/docs/adv_20150422A.html"
          },
          {
            "title": "USN-2591-1",
            "trust": 0.8,
            "url": "http://www.ubuntu.com/usn/USN-2591-1"
          },
          {
            "title": "Red Hat: Moderate: curl security, bug fix, and enhancement update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20152159 - Security Advisory"
          },
          {
            "title": "Red Hat: CVE-2015-3143",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2015-3143"
          },
          {
            "title": "Ubuntu Security Notice: curl vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2591-1"
          },
          {
            "title": "Debian Security Advisories: DSA-3232-1 curl -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=6e7bbc3a8db398caa606cf6110790ac9"
          },
          {
            "title": "Amazon Linux AMI: ALAS-2015-514",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-514"
          },
          {
            "title": "Apple: OS X Yosemite v10.10.5 and Security Update 2015-006",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=9834d0d73bf28fb80d3390930bafd906"
          },
          {
            "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - January 2016",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=eb439566c9130adc92d21bc093204cf8"
          },
          {
            "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2015",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=435ed9abc2fb1e74ce2a69605a01e326"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2015-3143"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002484"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-264",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-81104"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002484"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3143"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.1,
            "url": "http://advisories.mageia.org/mgasa-2015-0179.html"
          },
          {
            "trust": 2.1,
            "url": "http://curl.haxx.se/docs/adv_20150422a.html"
          },
          {
            "trust": 1.8,
            "url": "http://www.debian.org/security/2015/dsa-3232"
          },
          {
            "trust": 1.5,
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
          },
          {
            "trust": 1.3,
            "url": "http://www.securityfocus.com/bid/74299"
          },
          {
            "trust": 1.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-1254.html"
          },
          {
            "trust": 1.3,
            "url": "http://www.ubuntu.com/usn/usn-2591-1"
          },
          {
            "trust": 1.2,
            "url": "http://lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
          },
          {
            "trust": 1.2,
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
          },
          {
            "trust": 1.2,
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05045763"
          },
          {
            "trust": 1.2,
            "url": "https://support.apple.com/kb/ht205031"
          },
          {
            "trust": 1.2,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-april/155957.html"
          },
          {
            "trust": 1.2,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-april/156250.html"
          },
          {
            "trust": 1.2,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-may/157017.html"
          },
          {
            "trust": 1.2,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-may/157188.html"
          },
          {
            "trust": 1.2,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-may/156945.html"
          },
          {
            "trust": 1.2,
            "url": "https://security.gentoo.org/glsa/201509-02"
          },
          {
            "trust": 1.2,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:219"
          },
          {
            "trust": 1.2,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2015:220"
          },
          {
            "trust": 1.2,
            "url": "http://www.securitytracker.com/id/1032232"
          },
          {
            "trust": 1.2,
            "url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html"
          },
          {
            "trust": 1.1,
            "url": "http://marc.info/?l=bugtraq\u0026m=145612005512270\u0026w=2"
          },
          {
            "trust": 1.1,
            "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10743"
          },
          {
            "trust": 1.0,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3143"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3143"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3148"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3143"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/64164"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/64284"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2015-3143"
          },
          {
            "trust": 0.3,
            "url": "http://curl.haxx.se/"
          },
          {
            "trust": 0.3,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213306"
          },
          {
            "trust": 0.3,
            "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10743\u0026cat=sirt_1\u0026actp=list"
          },
          {
            "trust": 0.3,
            "url": "http://prod.lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1023307"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21957883"
          },
          {
            "trust": 0.3,
            "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099196"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903004"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966972"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21967789"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3144"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3145"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3613"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2014-3707"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8150"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2014-3613"
          },
          {
            "trust": 0.2,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3707"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2015-3148"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/updates/classification/#moderate"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2014-8150"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3148"
          },
          {
            "trust": 0.1,
            "url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10743"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=145612005512270\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/264.html"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2015:2159"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/2591-1/"
          },
          {
            "trust": 0.1,
            "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=38682"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/curl/7.38.0-3ubuntu2.2"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/curl/7.35.0-1ubuntu2.5"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/curl/7.22.0-3ubuntu4.14"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/curl/7.37.1-1ubuntu3.4"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3153"
          },
          {
            "trust": 0.1,
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_n"
          },
          {
            "trust": 0.1,
            "url": "http://www.hpe.com/support/security_bulletin_archive"
          },
          {
            "trust": 0.1,
            "url": "http://www.hpe.com/support/subscriber_choice"
          },
          {
            "trust": 0.1,
            "url": "https://rhn.redhat.com/errata/rhsa-2015-2159.html"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3236"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3237"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com"
          },
          {
            "trust": 0.1,
            "url": "http://osuosl.org)"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3145"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3236"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com/gpg-key"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3144"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3237"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/en/support/security/"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/en/support/security/advisories/"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-81104"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3143"
          },
          {
            "db": "BID",
            "id": "74299"
          },
          {
            "db": "PACKETSTORM",
            "id": "131699"
          },
          {
            "db": "PACKETSTORM",
            "id": "135878"
          },
          {
            "db": "PACKETSTORM",
            "id": "134443"
          },
          {
            "db": "PACKETSTORM",
            "id": "134138"
          },
          {
            "db": "PACKETSTORM",
            "id": "132792"
          },
          {
            "db": "PACKETSTORM",
            "id": "131726"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201504-500"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002484"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3143"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-81104",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3143",
            "ident": null
          },
          {
            "db": "BID",
            "id": "74299",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "131699",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "135878",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "134443",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "134138",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "132792",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "131726",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201504-500",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002484",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3143",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2015-04-24T00:00:00",
            "db": "VULHUB",
            "id": "VHN-81104",
            "ident": null
          },
          {
            "date": "2015-04-24T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-3143",
            "ident": null
          },
          {
            "date": "2015-04-22T00:00:00",
            "db": "BID",
            "id": "74299",
            "ident": null
          },
          {
            "date": "2015-04-30T15:48:24",
            "db": "PACKETSTORM",
            "id": "131699",
            "ident": null
          },
          {
            "date": "2016-02-23T05:11:25",
            "db": "PACKETSTORM",
            "id": "135878",
            "ident": null
          },
          {
            "date": "2015-11-20T00:41:15",
            "db": "PACKETSTORM",
            "id": "134443",
            "ident": null
          },
          {
            "date": "2015-10-30T23:23:03",
            "db": "PACKETSTORM",
            "id": "134138",
            "ident": null
          },
          {
            "date": "2015-07-22T17:57:59",
            "db": "PACKETSTORM",
            "id": "132792",
            "ident": null
          },
          {
            "date": "2015-05-04T17:18:17",
            "db": "PACKETSTORM",
            "id": "131726",
            "ident": null
          },
          {
            "date": "2015-04-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201504-500",
            "ident": null
          },
          {
            "date": "2015-04-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-002484",
            "ident": null
          },
          {
            "date": "2015-04-24T14:59:08.187000",
            "db": "NVD",
            "id": "CVE-2015-3143",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2018-01-05T00:00:00",
            "db": "VULHUB",
            "id": "VHN-81104",
            "ident": null
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-3143",
            "ident": null
          },
          {
            "date": "2016-07-06T14:27:00",
            "db": "BID",
            "id": "74299",
            "ident": null
          },
          {
            "date": "2015-04-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201504-500",
            "ident": null
          },
          {
            "date": "2016-09-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-002484",
            "ident": null
          },
          {
            "date": "2025-04-12T10:46:40.837000",
            "db": "NVD",
            "id": "CVE-2015-3143",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201504-500"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "cURL and  libcurl Vulnerabilities connected as other users",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002484"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "permissions and access control",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201504-500"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201108-0148

    Vulnerability from variot - Updated: 2026-04-10 23:26

    Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2138 and CVE-2011-2416. Adobe Flash Player and Adobe AIR Contains an integer overflow vulnerability. This vulnerability CVE-2011-2138 ,and CVE-2011-2416 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. Description:

    The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


                        SUSE Security Announcement
    
        Package:                flash-player
        Announcement ID:        SUSE-SA:2011:033
        Date:                   Wed, 10 Aug 2011 14:00:00 +0000
        Affected Products:      SUSE Linux Enterprise Desktop 11 SP1
                                SUSE Linux Enterprise Desktop 10 SP4
        Vulnerability Type:     remote code execution
        CVSS v2 Base Score:     6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
        SUSE Default Package:   yes
        Cross-References:       CVE-2011-2130, CVE-2011-2134, CVE-2011-2135
                                CVE-2011-2136, CVE-2011-2137, CVE-2011-2138
                                CVE-2011-2139, CVE-2011-2140, CVE-2011-2414
                                CVE-2011-2415, CVE-2011-2416, CVE-2011-2417
                                CVE-2011-2425
    
    Content of This Advisory:
        1) Security Vulnerability Resolved:
             remote code execution
           Problem Description
        2) Solution or Work-Around
        3) Special Instructions and Notes
        4) Package Location and Checksums
        5) Pending Vulnerabilities, Solutions, and Work-Arounds:
            none
        6) Authenticity Verification and Additional Information
    

    1) Problem Description and Brief Discussion

    Flash-Player was updated to version 10.3.188.5 to fix various buffer and integer overflows: - CVE-2011-2130: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2134: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2135: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2136: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2137: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2138: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2139: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2140: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2414: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2415: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2416: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2417: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2425: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

    Earlier flash-player versions can be exploited to execute arbitrary code remotely with the privileges of the attacked user.

    For more details see: http://www.adobe.com/support/security/bulletins/apsb11-21.html

    2) Solution or Work-Around

    none

    3) Special Instructions and Notes

    Pleease restart your browser.

    4) Package Location and Checksums

    The preferred method for installing security updates is to use the YaST "Online Update" module or the "zypper" commandline tool. The package and patch management stack will detect which updates are required and automatically perform the necessary steps to verify and install them.

    Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command

     rpm -Fhv <file.rpm>
    

    to apply the update, replacing with the filename of the downloaded RPM package.

    Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web:

    SUSE Linux Enterprise Desktop 10 SP4 http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900

    SUSE Linux Enterprise Desktop 11 SP1 http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10


    5) Pending Vulnerabilities, Solutions, and Work-Arounds:

    none


    6) Authenticity Verification and Additional Information

    • Announcement authenticity verification:

      SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature.

      To verify the signature of the announcement, save it as text into a file and run the command

      gpg --verify

      replacing with the name of the file where you saved the announcement. The output for a valid signature looks like:

      gpg: Signature made using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team security@suse.de"

      where is replaced by the date the document was signed.

      If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command

      gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc

    • Package authenticity verification:

      SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with.

      The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command

      rpm -v --checksig

      to verify the signature of the package, replacing with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build@suse.de with the key ID 9C800ACA.

      This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement.

    • SUSE runs two security mailing lists to which any interested party may subscribe:

      opensuse-security@opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security+subscribe@opensuse.org.

      opensuse-security-announce@opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security-announce+subscribe@opensuse.org. The security@suse.de public key is listed below. =====================================================================


      The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text.

      SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . iDefense Security Advisory 08.09.11 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 09, 2011

    I. For more information, please visit following website:

    http://www.adobe.com/products/flashplayer/

    II.

    During the allocation of an array within a certain internal ActionScript function, a size calculation may cause an integer value to overflow. This condition may lead to the bounds of an undersized array being overflown during a memory copy operation.

    III. An attacker typically accomplishes this via social engineering or injecting content into a compromised, trusted site.

    IV. VENDOR RESPONSE

    Adobe has released a fix which addresses this issue. Information about downloadable vendor updates can be found by clicking on the URLs shown.

    http://www.adobe.com/support/security/bulletins/apsb11-21.html

    VII. CVE INFORMATION

    The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2011-2416 and CVE-2011-2136 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org/), which standardizes names for security problems.

    VIII. DISCLOSURE TIMELINE

    04/27/2011 Initial Vendor Notification 04/27/2011 Vendor Reply 08/09/2011 Coordinated Public Disclosure

    IX. CREDIT

    This vulnerability was reported to iDefense by Vitaliy Toropov.

    Get paid for vulnerability research http://labs.idefense.com/methodology/vulnerability/vcp.php

    Free tools, research and upcoming events http://labs.idefense.com/

    X. LEGAL NOTICES

    Copyright © 2011 Verisign

    Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDefense. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please e-mail customerservice@idefense.com for permission.

    Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201201-19


                                            http://security.gentoo.org/
    

    Severity: Normal Title: Adobe Reader: Multiple vulnerabilities Date: January 30, 2012 Bugs: #354211, #382969, #393481 ID: 201201-19


    Synopsis

    Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks.

    Affected packages

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
    

    1 app-text/acroread < 9.4.7 >= 9.4.7=20

    Description

    Multiple vulnerabilities have been discovered in Adobe Reader. Please review the CVE identifiers referenced below for details.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Adobe Reader users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=app-text/acroread-9.4.7"

    References

    [ 1 ] CVE-2010-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091 [ 2 ] CVE-2011-0562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562 [ 3 ] CVE-2011-0563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563 [ 4 ] CVE-2011-0565 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565 [ 5 ] CVE-2011-0566 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566 [ 6 ] CVE-2011-0567 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567 [ 7 ] CVE-2011-0570 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570 [ 8 ] CVE-2011-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585 [ 9 ] CVE-2011-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586 [ 10 ] CVE-2011-0587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587 [ 11 ] CVE-2011-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588 [ 12 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 13 ] CVE-2011-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590 [ 14 ] CVE-2011-0591 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591 [ 15 ] CVE-2011-0592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592 [ 16 ] CVE-2011-0593 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593 [ 17 ] CVE-2011-0594 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594 [ 18 ] CVE-2011-0595 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595 [ 19 ] CVE-2011-0596 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596 [ 20 ] CVE-2011-0598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598 [ 21 ] CVE-2011-0599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599 [ 22 ] CVE-2011-0600 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600 [ 23 ] CVE-2011-0602 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602 [ 24 ] CVE-2011-0603 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603 [ 25 ] CVE-2011-0604 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604 [ 26 ] CVE-2011-0605 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605 [ 27 ] CVE-2011-0606 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606 [ 28 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 29 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 30 ] CVE-2011-2135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 31 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 32 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 33 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 34 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 35 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 36 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 37 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 38 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 39 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 40 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 41 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 42 ] CVE-2011-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431 [ 43 ] CVE-2011-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432 [ 44 ] CVE-2011-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433 [ 45 ] CVE-2011-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434 [ 46 ] CVE-2011-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435 [ 47 ] CVE-2011-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436 [ 48 ] CVE-2011-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437 [ 49 ] CVE-2011-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438 [ 50 ] CVE-2011-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439 [ 51 ] CVE-2011-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440 [ 52 ] CVE-2011-2441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441 [ 53 ] CVE-2011-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442 [ 54 ] CVE-2011-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462 [ 55 ] CVE-2011-4369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201201-19.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Critical: acroread security update Advisory ID: RHSA-2011:1434-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1434.html Issue date: 2011-11-08 CVE Names: CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2424 CVE-2011-2425 CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2429 CVE-2011-2430 CVE-2011-2431 CVE-2011-2432 CVE-2011-2433 CVE-2011-2434 CVE-2011-2435 CVE-2011-2436 CVE-2011-2437 CVE-2011-2438 CVE-2011-2439 CVE-2011-2440 CVE-2011-2442 CVE-2011-2444 =====================================================================

    1. Summary:

    Updated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6 Supplementary.

    The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

    1. Relevant releases/architectures:

    Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

    1. Description:

    Adobe Reader allows users to view and print documents in Portable Document Format (PDF).

    This update fixes multiple security flaws in Adobe Reader. These flaws are detailed on the Adobe security page APSB11-24, listed in the References section. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. These flaws are detailed on the Adobe security pages APSB11-21 and APSB11-26, listed in the References section.

    A PDF file with an embedded, specially-crafted SWF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135, CVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140, CVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424, CVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)

    A flaw in Adobe Flash Player could allow an attacker to conduct cross-site scripting (XSS) attacks if a victim were tricked into visiting a specially-crafted web page. (CVE-2011-2429)

    All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.4.6, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.

    1. Solution:

    Before applying this update, make sure all previously-released errata relevant to your system have been applied.

    This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259

    1. Bugs fixed (http://bugzilla.redhat.com/):

    729497 - CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21) 740201 - CVE-2011-2444 acroread, flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26 740204 - CVE-2011-2429 acroread, flash-plugin: security control bypass information disclosure fixed in APSB11-26 740388 - CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26 749381 - acroread: multiple code execution flaws (APSB11-24)

    1. Package List:

    Red Hat Enterprise Linux AS version 4 Extras:

    i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm

    x86_64: acroread-9.4.6-1.el4.i386.rpm

    Red Hat Desktop version 4 Extras:

    i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm

    x86_64: acroread-9.4.6-1.el4.i386.rpm

    Red Hat Enterprise Linux ES version 4 Extras:

    i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm

    x86_64: acroread-9.4.6-1.el4.i386.rpm

    Red Hat Enterprise Linux WS version 4 Extras:

    i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm

    x86_64: acroread-9.4.6-1.el4.i386.rpm

    Red Hat Enterprise Linux Desktop Supplementary (v. 5):

    i386: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm

    x86_64: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm

    Red Hat Enterprise Linux Server Supplementary (v. 5):

    i386: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm

    x86_64: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm

    Red Hat Enterprise Linux Desktop Supplementary (v. 6):

    i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm

    x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm

    Red Hat Enterprise Linux Server Supplementary (v. 6):

    i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm

    x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm

    Red Hat Enterprise Linux Workstation Supplementary (v. 6):

    i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm

    x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

    1. References:

    https://www.redhat.com/security/data/cve/CVE-2011-2130.html https://www.redhat.com/security/data/cve/CVE-2011-2134.html https://www.redhat.com/security/data/cve/CVE-2011-2135.html https://www.redhat.com/security/data/cve/CVE-2011-2136.html https://www.redhat.com/security/data/cve/CVE-2011-2137.html https://www.redhat.com/security/data/cve/CVE-2011-2138.html https://www.redhat.com/security/data/cve/CVE-2011-2139.html https://www.redhat.com/security/data/cve/CVE-2011-2140.html https://www.redhat.com/security/data/cve/CVE-2011-2414.html https://www.redhat.com/security/data/cve/CVE-2011-2415.html https://www.redhat.com/security/data/cve/CVE-2011-2416.html https://www.redhat.com/security/data/cve/CVE-2011-2417.html https://www.redhat.com/security/data/cve/CVE-2011-2424.html https://www.redhat.com/security/data/cve/CVE-2011-2425.html https://www.redhat.com/security/data/cve/CVE-2011-2426.html https://www.redhat.com/security/data/cve/CVE-2011-2427.html https://www.redhat.com/security/data/cve/CVE-2011-2428.html https://www.redhat.com/security/data/cve/CVE-2011-2429.html https://www.redhat.com/security/data/cve/CVE-2011-2430.html https://www.redhat.com/security/data/cve/CVE-2011-2431.html https://www.redhat.com/security/data/cve/CVE-2011-2432.html https://www.redhat.com/security/data/cve/CVE-2011-2433.html https://www.redhat.com/security/data/cve/CVE-2011-2434.html https://www.redhat.com/security/data/cve/CVE-2011-2435.html https://www.redhat.com/security/data/cve/CVE-2011-2436.html https://www.redhat.com/security/data/cve/CVE-2011-2437.html https://www.redhat.com/security/data/cve/CVE-2011-2438.html https://www.redhat.com/security/data/cve/CVE-2011-2439.html https://www.redhat.com/security/data/cve/CVE-2011-2440.html https://www.redhat.com/security/data/cve/CVE-2011-2442.html https://www.redhat.com/security/data/cve/CVE-2011-2444.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb11-21.html http://www.adobe.com/support/security/bulletins/apsb11-24.html http://www.adobe.com/support/security/bulletins/apsb11-26.html

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)

    iD8DBQFOuRkFXlSAg2UNWIIRAqaIAJoC3LKpTEj6IsfoUq9JqGuHAKt3bACfcz3q 0+KSTL2IByBwtP8+xfPmUNE= =qFq6 -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ----------------------------------------------------------------------

    The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242


    TITLE: Red Hat update for flash-plugin

    SECUNIA ADVISORY ID: SA45593

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45593/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45593

    RELEASE DATE: 2011-08-12

    DISCUSS ADVISORY: http://secunia.com/advisories/45593/#comments

    AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

    http://secunia.com/advisories/45593/

    ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

    https://ca.secunia.com/?page=viewadvisory&vuln_id=45593

    ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

    http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

    DESCRIPTION: Red Hat has issued an update for flash-plugin. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose sensitive information and compromise a user's system.

    Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    ORIGINAL ADVISORY: RHSA-2011:1144-1: https://rhn.redhat.com/errata/RHSA-2011-1144.html

    OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


    About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "adobe",
            "version": "10.3.181.14"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "adobe",
            "version": "10.1.53.64"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.7,
            "vendor": "adobe",
            "version": "2.7"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "1.5.3"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "2.0.4"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "2.0.3"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "1.5.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.246.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "8.0.35.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.115.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.154.25"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.95.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.156.12"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.95.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.155.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.152.33"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.154.13"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.262.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.157.51"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.92.8"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.52.15"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.152.32"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.3.181.16"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.28.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.260.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.3.181.23"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.52.14.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.0.32.18"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.277.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.0.12.36"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.283.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.3.185.21"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.152"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.124.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.3.185.23"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.3.181.34"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.152.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.0.22.87"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.85.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.82.76"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.159.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.151.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.0.15.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.31.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.159.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.105.6"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.47.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.45.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "8.0.34.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.0.42.34"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.48.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.92.10"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.106.16"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.102.64"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.0.45.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.3.185.25"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.73.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.79"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.63"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.69.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0.33.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.70.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.18d60"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.112.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.0.0.584"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.28"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.19.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.20"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.60.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.20.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.0.12.10"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.14.0"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "2.7"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.31"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0.24.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.66.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.125.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0.22.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.53.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.25"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.61.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.67.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.3.181.36"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.21.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.24.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.114.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.125.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0.39.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.16"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.68.0"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0.42.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "10.3.181.34"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "10.3.181.36   for chrome users"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "10.3.185.25   for android"
          },
          {
            "_id": null,
            "model": "hp systems insight manager",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "enterprise linux server supplementary",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6"
          },
          {
            "_id": null,
            "model": "enterprise linux server supplementary eus",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6.1.z"
          },
          {
            "_id": null,
            "model": "enterprise linux workstation supplementary",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6"
          },
          {
            "_id": null,
            "model": "rhel desktop supplementary",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (client)"
          },
          {
            "_id": null,
            "model": "rhel desktop supplementary",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6"
          },
          {
            "_id": null,
            "model": "rhel supplementary",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (server)"
          },
          {
            "_id": null,
            "model": "rhel supplementary eus",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5.6.z (server)"
          },
          {
            "_id": null,
            "model": "rhel supplementary long life",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5.6 (server)"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9.0.597.94"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.57"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.0.12.35"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "12.0.742.100"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.2.152.21"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "2.6.19140"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.0.280"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.3.186.3"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.43"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "systems insight manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.3.185.22"
          },
          {
            "_id": null,
            "model": "systems insight manager sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.1.51.66"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "13"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.2.154.27"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.2.153.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10.0.648.204"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.0.2460"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10.0.648.128"
          },
          {
            "_id": null,
            "model": "desktop extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.3.181.22"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0.0.96"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.3.181.26"
          },
          {
            "_id": null,
            "model": "hat enterprise linux supplementary server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "enterprise linux extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10.0.648.127"
          },
          {
            "_id": null,
            "model": "solaris express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "11"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.0.262"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.65"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.2.154.24"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "systems insight manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "systems insight manager sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11.4"
          },
          {
            "_id": null,
            "model": "systems insight manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9.0.597.107"
          },
          {
            "_id": null,
            "model": "systems insight manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.2.154.18"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "12.0.742.112"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.71"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "freeflow print server 73.b3.61",
            "scope": null,
            "trust": 0.3,
            "vendor": "xerox",
            "version": null
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.0.3218"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.0.289.0"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "enterprise linux es extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "12.0.742.91"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.3.185.25"
          },
          {
            "_id": null,
            "model": "solaris 10 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9.0.597.84"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "_id": null,
            "model": "interactive response",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "google",
            "version": "13.0.782.112"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "13.0.782.107"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.77"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.0.452"
          },
          {
            "_id": null,
            "model": "systems insight manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.3.183.5"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.68"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.672.2"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "2.7.1"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "12"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10"
          },
          {
            "_id": null,
            "model": "solaris 10 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop supplementary client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "systems insight manager sp5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "enterprise linux ws extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10.0.648.133"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "2.7.1.1961"
          },
          {
            "_id": null,
            "model": "systems insight manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "enterprise linux as extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "flash player release candida",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10.0.648.205"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.2.154.28"
          },
          {
            "_id": null,
            "model": "systems insight manager update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.31"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "2.6.19120"
          },
          {
            "_id": null,
            "model": "freeflow print server 73.c0.41",
            "scope": null,
            "trust": 0.3,
            "vendor": "xerox",
            "version": null
          },
          {
            "_id": null,
            "model": "hat enterprise linux workstation supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.1.102.65"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "49079"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-185"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002150"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2136"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:adobe:adobe_air",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:flash_player",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hp:systems_insight_manager",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary_eus",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_supplementary_long_life",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002150"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Anonymous via Tipping Point\u0027s Zero Day Initiative",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-185"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2011-2136",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2011-2136",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-50081",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2011-2136",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2011-2136",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201108-185",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-50081",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2011-2136",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50081"
          },
          {
            "db": "VULMON",
            "id": "CVE-2011-2136"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-185"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002150"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2136"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2138 and CVE-2011-2416. Adobe Flash Player and Adobe AIR Contains an integer overflow vulnerability. This vulnerability CVE-2011-2138 ,and CVE-2011-2416 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n______________________________________________________________________________\n\n                        SUSE Security Announcement\n\n        Package:                flash-player\n        Announcement ID:        SUSE-SA:2011:033\n        Date:                   Wed, 10 Aug 2011 14:00:00 +0000\n        Affected Products:      SUSE Linux Enterprise Desktop 11 SP1\n                                SUSE Linux Enterprise Desktop 10 SP4\n        Vulnerability Type:     remote code execution\n        CVSS v2 Base Score:     6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n        SUSE Default Package:   yes\n        Cross-References:       CVE-2011-2130, CVE-2011-2134, CVE-2011-2135\n                                CVE-2011-2136, CVE-2011-2137, CVE-2011-2138\n                                CVE-2011-2139, CVE-2011-2140, CVE-2011-2414\n                                CVE-2011-2415, CVE-2011-2416, CVE-2011-2417\n                                CVE-2011-2425\n\n    Content of This Advisory:\n        1) Security Vulnerability Resolved:\n             remote code execution\n           Problem Description\n        2) Solution or Work-Around\n        3) Special Instructions and Notes\n        4) Package Location and Checksums\n        5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n            none\n        6) Authenticity Verification and Additional Information\n\n______________________________________________________________________________\n\n1) Problem Description and Brief Discussion\n\n   Flash-Player was updated to version 10.3.188.5 to fix various buffer\n   and integer overflows:\n   - CVE-2011-2130: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2134: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2135: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2136: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2137: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2138: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2139: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2140: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2414: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2415: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2416: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2417: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2425: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   \n   Earlier flash-player versions can be exploited to execute arbitrary code\n   remotely with the privileges of the attacked user. \n   \n   For more details see:\n   http://www.adobe.com/support/security/bulletins/apsb11-21.html\n\n2) Solution or Work-Around\n\n   none\n\n3) Special Instructions and Notes\n\n   Pleease restart your browser. \n\n4) Package Location and Checksums\n\n   The preferred method for installing security updates is to use the YaST\n   \"Online Update\" module or the \"zypper\" commandline tool. The package and\n   patch management stack will detect which updates are required and\n   automatically perform the necessary steps to verify and install them. \n\n   Alternatively, download the update packages for your distribution manually\n   and verify their integrity by the methods listed in Section 6 of this\n   announcement. Then install the packages using the command\n\n     rpm -Fhv \u003cfile.rpm\u003e\n\n   to apply the update, replacing \u003cfile.rpm\u003e with the filename of the\n   downloaded RPM package. \n\n   Our maintenance customers are notified individually. The packages are\n   offered for installation from the maintenance web:\n   \n   SUSE Linux Enterprise Desktop 10 SP4\n     http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900\n   \n   SUSE Linux Enterprise Desktop 11 SP1\n     http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10\n\n______________________________________________________________________________\n\n5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n\n   none\n______________________________________________________________________________\n\n6) Authenticity Verification and Additional Information\n\n  - Announcement authenticity verification:\n\n    SUSE security announcements are published via mailing lists and on Web\n    sites. The authenticity and integrity of a SUSE security announcement is\n    guaranteed by a cryptographic signature in each announcement. All SUSE\n    security announcements are published with a valid signature. \n\n    To verify the signature of the announcement, save it as text into a file\n    and run the command\n\n      gpg --verify \u003cfile\u003e\n\n    replacing \u003cfile\u003e with the name of the file where you saved the\n    announcement. The output for a valid signature looks like:\n\n      gpg: Signature made \u003cDATE\u003e using RSA key ID 3D25D3D9\n      gpg: Good signature from \"SuSE Security Team \u003csecurity@suse.de\u003e\"\n\n    where \u003cDATE\u003e is replaced by the date the document was signed. \n\n    If the security team\u0027s key is not contained in your key ring, you can\n    import it from the first installation CD. To import the key, use the\n    command\n\n      gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc\n\n  - Package authenticity verification:\n\n    SUSE update packages are available on many mirror FTP servers all over the\n    world. While this service is considered valuable and important to the free\n    and open source software community, the authenticity and the integrity of\n    a package needs to be verified to ensure that it has not been tampered\n    with. \n\n    The internal rpm package signatures provide an easy way to verify the\n    authenticity of an RPM package. Use the command\n\n     rpm -v --checksig \u003cfile.rpm\u003e\n\n    to verify the signature of the package, replacing \u003cfile.rpm\u003e with the\n    filename of the RPM package downloaded. The package is unmodified if it\n    contains a valid signature from build@suse.de with the key ID 9C800ACA. \n\n    This key is automatically imported into the RPM database (on\n    RPMv4-based distributions) and the gpg key ring of \u0027root\u0027 during\n    installation. You can also find it on the first installation CD and at\n    the end of this announcement. \n\n  - SUSE runs two security mailing lists to which any interested party may\n    subscribe:\n\n    opensuse-security@opensuse.org\n        -   General Linux and SUSE security discussion. \n            All SUSE security announcements are sent to this list. \n            To subscribe, send an e-mail to\n                \u003copensuse-security+subscribe@opensuse.org\u003e. \n\n    opensuse-security-announce@opensuse.org\n        -   SUSE\u0027s announce-only mailing list. \n            Only SUSE\u0027s security announcements are sent to this list. \n            To subscribe, send an e-mail to\n                \u003copensuse-security-announce+subscribe@opensuse.org\u003e. \n    The \u003csecurity@suse.de\u003e public key is listed below. \n    =====================================================================\n______________________________________________________________________________\n\n    The information in this advisory may be distributed or reproduced,\n    provided that the advisory is not modified in any way. In particular, the\n    clear text signature should show proof of the authenticity of the text. \n\n    SUSE Linux Products GmbH provides no warranties of any kind whatsoever\n    with respect to the information contained in this security advisory. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. iDefense Security Advisory 08.09.11\nhttp://labs.idefense.com/intelligence/vulnerabilities/\nAug 09, 2011\n\nI. For more\ninformation, please visit following website:\n\nhttp://www.adobe.com/products/flashplayer/\n\nII. \n\nDuring the allocation of an array within a certain internal ActionScript\nfunction, a size calculation may cause an integer value to overflow. \nThis condition may lead to the bounds of an undersized array being\noverflown during a memory copy operation. \n\nIII. An attacker typically accomplishes this via\nsocial engineering or injecting content into a compromised, trusted\nsite. \n\nIV. VENDOR RESPONSE\n\nAdobe has released a fix which addresses this issue. Information about\ndownloadable vendor updates can be found by clicking on the URLs shown. \n\nhttp://www.adobe.com/support/security/bulletins/apsb11-21.html\n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nname CVE-2011-2416 and CVE-2011-2136 to this issue. This is a candidate\nfor inclusion in\nthe CVE list (http://cve.mitre.org/), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n04/27/2011  Initial Vendor Notification\n04/27/2011  Vendor Reply\n08/09/2011  Coordinated Public Disclosure\n\nIX. CREDIT\n\nThis vulnerability was reported to iDefense by Vitaliy Toropov. \n\nGet paid for vulnerability research\nhttp://labs.idefense.com/methodology/vulnerability/vcp.php\n\nFree tools, research and upcoming events\nhttp://labs.idefense.com/\n\nX. LEGAL NOTICES\n\nCopyright \u00a9 2011 Verisign\n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDefense. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically, please\ne-mail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \n There are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct, indirect,\nor consequential loss or damage arising from use of, or reliance on,\nthis information. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201201-19\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: Adobe Reader: Multiple vulnerabilities\n     Date: January 30, 2012\n     Bugs: #354211, #382969, #393481\n       ID: 201201-19\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Reader might allow remote attackers\nto execute arbitrary code or conduct various other attacks. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  app-text/acroread            \u003c 9.4.7                    \u003e= 9.4.7=20\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Adobe Reader. Please\nreview the CVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Reader users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=app-text/acroread-9.4.7\"\n\nReferences\n==========\n\n[  1 ] CVE-2010-4091\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4091\n[  2 ] CVE-2011-0562\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0562\n[  3 ] CVE-2011-0563\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0563\n[  4 ] CVE-2011-0565\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0565\n[  5 ] CVE-2011-0566\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0566\n[  6 ] CVE-2011-0567\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0567\n[  7 ] CVE-2011-0570\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0570\n[  8 ] CVE-2011-0585\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0585\n[  9 ] CVE-2011-0586\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0586\n[ 10 ] CVE-2011-0587\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0587\n[ 11 ] CVE-2011-0588\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0588\n[ 12 ] CVE-2011-0589\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 13 ] CVE-2011-0590\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0590\n[ 14 ] CVE-2011-0591\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0591\n[ 15 ] CVE-2011-0592\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0592\n[ 16 ] CVE-2011-0593\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0593\n[ 17 ] CVE-2011-0594\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0594\n[ 18 ] CVE-2011-0595\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0595\n[ 19 ] CVE-2011-0596\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0596\n[ 20 ] CVE-2011-0598\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0598\n[ 21 ] CVE-2011-0599\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0599\n[ 22 ] CVE-2011-0600\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0600\n[ 23 ] CVE-2011-0602\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0602\n[ 24 ] CVE-2011-0603\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0603\n[ 25 ] CVE-2011-0604\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0604\n[ 26 ] CVE-2011-0605\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0605\n[ 27 ] CVE-2011-0606\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0606\n[ 28 ] CVE-2011-2130\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 29 ] CVE-2011-2134\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 30 ] CVE-2011-2135\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 31 ] CVE-2011-2136\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 32 ] CVE-2011-2137\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 33 ] CVE-2011-2138\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 34 ] CVE-2011-2139\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 35 ] CVE-2011-2140\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 36 ] CVE-2011-2414\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 37 ] CVE-2011-2415\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 38 ] CVE-2011-2416\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 39 ] CVE-2011-2417\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 40 ] CVE-2011-2424\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 41 ] CVE-2011-2425\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 42 ] CVE-2011-2431\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2431\n[ 43 ] CVE-2011-2432\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2432\n[ 44 ] CVE-2011-2433\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2433\n[ 45 ] CVE-2011-2434\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2434\n[ 46 ] CVE-2011-2435\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2435\n[ 47 ] CVE-2011-2436\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2436\n[ 48 ] CVE-2011-2437\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2437\n[ 49 ] CVE-2011-2438\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2438\n[ 50 ] CVE-2011-2439\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2439\n[ 51 ] CVE-2011-2440\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2440\n[ 52 ] CVE-2011-2441\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2441\n[ 53 ] CVE-2011-2442\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2442\n[ 54 ] CVE-2011-2462\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2462\n[ 55 ] CVE-2011-4369\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4369\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201201-19.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Critical: acroread security update\nAdvisory ID:       RHSA-2011:1434-01\nProduct:           Red Hat Enterprise Linux Extras\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2011-1434.html\nIssue date:        2011-11-08\nCVE Names:         CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 \n                   CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 \n                   CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 \n                   CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 \n                   CVE-2011-2424 CVE-2011-2425 CVE-2011-2426 \n                   CVE-2011-2427 CVE-2011-2428 CVE-2011-2429 \n                   CVE-2011-2430 CVE-2011-2431 CVE-2011-2432 \n                   CVE-2011-2433 CVE-2011-2434 CVE-2011-2435 \n                   CVE-2011-2436 CVE-2011-2437 CVE-2011-2438 \n                   CVE-2011-2439 CVE-2011-2440 CVE-2011-2442 \n                   CVE-2011-2444 \n=====================================================================\n\n1. Summary:\n\nUpdated acroread packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise\nLinux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Desktop version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux AS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux ES version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux WS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nAdobe Reader allows users to view and print documents in Portable Document\nFormat (PDF). \n\nThis update fixes multiple security flaws in Adobe Reader. These flaws are\ndetailed on the Adobe security page APSB11-24, listed in the References\nsection. A specially-crafted PDF file could cause Adobe Reader to crash or,\npotentially, execute arbitrary code as the user running Adobe Reader when\nopened. These flaws are detailed on the Adobe security\npages APSB11-21 and APSB11-26, listed in the References section. \n\nA PDF file with an embedded, specially-crafted SWF file could cause Adobe\nReader to crash or, potentially, execute arbitrary code as the user running\nAdobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135,\nCVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140,\nCVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424,\nCVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)\n\nA flaw in Adobe Flash Player could allow an attacker to conduct cross-site\nscripting (XSS) attacks if a victim were tricked into visiting a\nspecially-crafted web page. (CVE-2011-2429)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 9.4.6, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n729497 - CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)\n740201 - CVE-2011-2444 acroread, flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26\n740204 - CVE-2011-2429 acroread, flash-plugin: security control bypass information disclosure fixed in APSB11-26\n740388 - CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26\n749381 - acroread: multiple code execution flaws (APSB11-24)\n\n6. Package List:\n\nRed Hat Enterprise Linux AS version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Desktop version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux ES version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux WS version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-2130.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2134.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2135.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2136.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2137.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2138.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2139.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2140.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2414.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2415.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2416.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2417.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2424.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2425.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2426.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2427.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2428.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2429.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2430.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2431.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2432.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2433.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2434.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2435.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2436.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2437.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2438.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2439.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2440.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2442.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2444.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb11-21.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-24.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-26.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e.  More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2011 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFOuRkFXlSAg2UNWIIRAqaIAJoC3LKpTEj6IsfoUq9JqGuHAKt3bACfcz3q\n0+KSTL2IByBwtP8+xfPmUNE=\n=qFq6\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. ----------------------------------------------------------------------\n\nThe Secunia CSI 5.0 Beta - now available for testing\nFind out more, take a free test drive, and share your opinion with us: \nhttp://secunia.com/blog/242 \n\n----------------------------------------------------------------------\n\nTITLE:\nRed Hat update for flash-plugin\n\nSECUNIA ADVISORY ID:\nSA45593\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/45593/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45593\n\nRELEASE DATE:\n2011-08-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/45593/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/45593/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45593\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nRed Hat has issued an update for flash-plugin. This fixes multiple\nvulnerabilities, which can be exploited by malicious people to\ndisclose sensitive information and compromise a user\u0027s system. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nORIGINAL ADVISORY:\nRHSA-2011:1144-1:\nhttps://rhn.redhat.com/errata/RHSA-2011-1144.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-2136"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002150"
          },
          {
            "db": "BID",
            "id": "49079"
          },
          {
            "db": "VULHUB",
            "id": "VHN-50081"
          },
          {
            "db": "VULMON",
            "id": "CVE-2011-2136"
          },
          {
            "db": "PACKETSTORM",
            "id": "103913"
          },
          {
            "db": "PACKETSTORM",
            "id": "103946"
          },
          {
            "db": "PACKETSTORM",
            "id": "103918"
          },
          {
            "db": "PACKETSTORM",
            "id": "109194"
          },
          {
            "db": "PACKETSTORM",
            "id": "106736"
          },
          {
            "db": "PACKETSTORM",
            "id": "103929"
          }
        ],
        "trust": 2.61
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2011-2136",
            "trust": 3.4
          },
          {
            "db": "USCERT",
            "id": "TA11-222A",
            "trust": 2.0
          },
          {
            "db": "SECUNIA",
            "id": "45529",
            "trust": 1.4
          },
          {
            "db": "SECUNIA",
            "id": "45583",
            "trust": 1.4
          },
          {
            "db": "BID",
            "id": "49079",
            "trust": 1.3
          },
          {
            "db": "SECUNIA",
            "id": "48308",
            "trust": 1.2
          },
          {
            "db": "SECUNIA",
            "id": "45593",
            "trust": 0.9
          },
          {
            "db": "SECTRACK",
            "id": "1025907",
            "trust": 0.8
          },
          {
            "db": "SECTRACK",
            "id": "1025914",
            "trust": 0.8
          },
          {
            "db": "USCERT",
            "id": "SA11-222A",
            "trust": 0.8
          },
          {
            "db": "OSVDB",
            "id": "74435",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002150",
            "trust": 0.8
          },
          {
            "db": "NSFOCUS",
            "id": "17519",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "17880",
            "trust": 0.6
          },
          {
            "db": "BID",
            "id": "49080",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-185",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-50081",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2011-2136",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "103913",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "103946",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "103918",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "109194",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "106736",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "103929",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50081"
          },
          {
            "db": "VULMON",
            "id": "CVE-2011-2136"
          },
          {
            "db": "BID",
            "id": "49079"
          },
          {
            "db": "PACKETSTORM",
            "id": "103913"
          },
          {
            "db": "PACKETSTORM",
            "id": "103946"
          },
          {
            "db": "PACKETSTORM",
            "id": "103918"
          },
          {
            "db": "PACKETSTORM",
            "id": "109194"
          },
          {
            "db": "PACKETSTORM",
            "id": "106736"
          },
          {
            "db": "PACKETSTORM",
            "id": "103929"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-185"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002150"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2136"
          }
        ]
      },
      "id": "VAR-201108-0148",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50081"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T23:26:02.507000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "APSB11-21",
            "trust": 0.8,
            "url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
          },
          {
            "title": "APSB11-21 (cpsid_91448)",
            "trust": 0.8,
            "url": "http://kb2.adobe.com/jp/cps/914/cpsid_91448.html"
          },
          {
            "title": "APSB11-21",
            "trust": 0.8,
            "url": "http://www.adobe.com/jp/support/security/bulletins/apsb11-21.html"
          },
          {
            "title": "HPSBMU02769 SSRT100846",
            "trust": 0.8,
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03298151"
          },
          {
            "title": "RHSA-2011:1144",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2011-1144.html"
          },
          {
            "title": "TA11-222A",
            "trust": 0.8,
            "url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta11-222a.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002150"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-189",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50081"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002150"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2136"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.5,
            "url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
          },
          {
            "trust": 2.0,
            "url": "http://www.us-cert.gov/cas/techalerts/ta11-222a.html"
          },
          {
            "trust": 1.4,
            "url": "http://secunia.com/advisories/45529"
          },
          {
            "trust": 1.4,
            "url": "http://secunia.com/advisories/45583"
          },
          {
            "trust": 1.2,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14111"
          },
          {
            "trust": 1.2,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16128"
          },
          {
            "trust": 1.2,
            "url": "http://www.redhat.com/support/errata/rhsa-2011-1144.html"
          },
          {
            "trust": 1.2,
            "url": "http://secunia.com/advisories/48308"
          },
          {
            "trust": 1.2,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00006.html"
          },
          {
            "trust": 1.2,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00007.html"
          },
          {
            "trust": 1.2,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00008.html"
          },
          {
            "trust": 0.9,
            "url": "http://www.securityfocus.com/bid/49079"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2136"
          },
          {
            "trust": 0.8,
            "url": "https://www.jpcert.or.jp/at/2011/at110022.txt"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta11-222a"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2136"
          },
          {
            "trust": 0.8,
            "url": "http://osvdb.org/74435"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/45593"
          },
          {
            "trust": 0.8,
            "url": "http://www.securitytracker.com/id?1025914"
          },
          {
            "trust": 0.8,
            "url": "http://www.securitytracker.com/id?1025907"
          },
          {
            "trust": 0.8,
            "url": "http://www.us-cert.gov/cas/alerts/sa11-222a.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.npa.go.jp/cyberpolice/#topics"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/49080"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/17519"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/17880"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2416"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2136"
          },
          {
            "trust": 0.3,
            "url": "http://www.adobe.com"
          },
          {
            "trust": 0.3,
            "url": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_09.html"
          },
          {
            "trust": 0.3,
            "url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer"
          },
          {
            "trust": 0.3,
            "url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer2"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/519236"
          },
          {
            "trust": 0.3,
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=936"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/css/p8/documents/100151664"
          },
          {
            "trust": 0.3,
            "url": "http://www.xerox.com/download/security/security-bulletin/1284333-14afb-4baadb5bccb00/cert_xrx12-002_v1.1.pdf"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2137"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2414"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2425"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2415"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2139"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2135"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2417"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2138"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2134"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2140"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2425.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2415.html"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/kb/docs/doc-11259"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/updates/classification/#critical"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2138.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2416.html"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2135.html"
          },
          {
            "trust": 0.2,
            "url": "https://rhn.redhat.com/errata/rhsa-2011-1144.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2137.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2140.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2130.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2414.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2139.html"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/team/key/#package"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2134.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2417.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2136.html"
          },
          {
            "trust": 0.2,
            "url": "http://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/189.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.rapid7.com/db/vulnerabilities/adobe-air-cve-2011-2138"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=23892"
          },
          {
            "trust": 0.1,
            "url": "http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.1,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          },
          {
            "trust": 0.1,
            "url": "http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/),"
          },
          {
            "trust": 0.1,
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/"
          },
          {
            "trust": 0.1,
            "url": "http://www.adobe.com/products/flashplayer/"
          },
          {
            "trust": 0.1,
            "url": "http://labs.idefense.com/methodology/vulnerability/vcp.php"
          },
          {
            "trust": 0.1,
            "url": "http://labs.idefense.com/"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2438"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2424.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2429"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2432.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2436.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2438.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2428.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2434"
          },
          {
            "trust": 0.1,
            "url": "http://www.adobe.com/support/security/bulletins/apsb11-26.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2444.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2439.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2431.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2428"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2430"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2433"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2435"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2430.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2435.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2442.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2433.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2427"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2432"
          },
          {
            "trust": 0.1,
            "url": "http://www.adobe.com/support/security/bulletins/apsb11-24.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2426"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2431"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2426.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2436"
          },
          {
            "trust": 0.1,
            "url": "https://rhn.redhat.com/errata/rhsa-2011-1434.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2437.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2429.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2427.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2440.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2434.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2437"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2439"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2424"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_intelligence/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/blog/242"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45593"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/45593/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/45593/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50081"
          },
          {
            "db": "VULMON",
            "id": "CVE-2011-2136"
          },
          {
            "db": "BID",
            "id": "49079"
          },
          {
            "db": "PACKETSTORM",
            "id": "103913"
          },
          {
            "db": "PACKETSTORM",
            "id": "103946"
          },
          {
            "db": "PACKETSTORM",
            "id": "103918"
          },
          {
            "db": "PACKETSTORM",
            "id": "109194"
          },
          {
            "db": "PACKETSTORM",
            "id": "106736"
          },
          {
            "db": "PACKETSTORM",
            "id": "103929"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-185"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002150"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2136"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-50081",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2011-2136",
            "ident": null
          },
          {
            "db": "BID",
            "id": "49079",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "103913",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "103946",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "103918",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "109194",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "106736",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "103929",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-185",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002150",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2136",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2011-08-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-50081",
            "ident": null
          },
          {
            "date": "2011-08-10T00:00:00",
            "db": "VULMON",
            "id": "CVE-2011-2136",
            "ident": null
          },
          {
            "date": "2011-08-09T00:00:00",
            "db": "BID",
            "id": "49079",
            "ident": null
          },
          {
            "date": "2011-08-11T04:36:04",
            "db": "PACKETSTORM",
            "id": "103913",
            "ident": null
          },
          {
            "date": "2011-08-12T05:17:05",
            "db": "PACKETSTORM",
            "id": "103946",
            "ident": null
          },
          {
            "date": "2011-08-11T04:45:55",
            "db": "PACKETSTORM",
            "id": "103918",
            "ident": null
          },
          {
            "date": "2012-01-31T00:07:37",
            "db": "PACKETSTORM",
            "id": "109194",
            "ident": null
          },
          {
            "date": "2011-11-08T15:21:13",
            "db": "PACKETSTORM",
            "id": "106736",
            "ident": null
          },
          {
            "date": "2011-08-11T08:17:54",
            "db": "PACKETSTORM",
            "id": "103929",
            "ident": null
          },
          {
            "date": "1900-01-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201108-185",
            "ident": null
          },
          {
            "date": "2011-08-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-002150",
            "ident": null
          },
          {
            "date": "2011-08-10T22:55:00.783000",
            "db": "NVD",
            "id": "CVE-2011-2136",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2018-10-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-50081",
            "ident": null
          },
          {
            "date": "2018-10-30T00:00:00",
            "db": "VULMON",
            "id": "CVE-2011-2136",
            "ident": null
          },
          {
            "date": "2015-03-19T08:14:00",
            "db": "BID",
            "id": "49079",
            "ident": null
          },
          {
            "date": "2011-08-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201108-185",
            "ident": null
          },
          {
            "date": "2013-03-26T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-002150",
            "ident": null
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2011-2136",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "103918"
          },
          {
            "db": "PACKETSTORM",
            "id": "109194"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-185"
          }
        ],
        "trust": 0.8
      },
      "title": {
        "_id": null,
        "data": "Adobe Flash Player and  Adobe AIR Integer overflow vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002150"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "digital error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-185"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201302-0302

    Vulnerability from variot - Updated: 2026-04-10 23:19

    Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2013-0642 , CVE-2013-0645 , CVE-2013-1365 , CVE-2013-1367 , CVE-2013-1368 , CVE-2013-1369 , CVE-2013-1370 , CVE-2013-1372 ,and CVE-2013-1373 Is a different vulnerability.An attacker could execute arbitrary code. Note: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2013:0254-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html Issue date: 2013-02-13 CVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 CVE-2013-1373 CVE-2013-1374 =====================================================================

    1. Summary:

    An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.

    The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

    1. Description:

    The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB13-05, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. (CVE-2013-0638, CVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647, CVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)

    A flaw in flash-plugin could allow an attacker to obtain sensitive information if a victim were tricked into visiting a specially-crafted web page.

    1. Solution:

    Before applying this update, make sure all previously-released errata relevant to your system have been applied.

    This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258

    1. Bugs fixed (http://bugzilla.redhat.com/):

    910570 - flash-plugin: multiple code execution flaws (APSB13-05) 910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)

    1. Package List:

    Red Hat Enterprise Linux Desktop Supplementary (v. 5):

    i386: flash-plugin-11.2.202.270-1.el5.i386.rpm

    x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm

    Red Hat Enterprise Linux Server Supplementary (v. 5):

    i386: flash-plugin-11.2.202.270-1.el5.i386.rpm

    x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm

    Red Hat Enterprise Linux Desktop Supplementary (v. 6):

    i386: flash-plugin-11.2.202.270-1.el6.i686.rpm

    x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm

    Red Hat Enterprise Linux Server Supplementary (v. 6):

    i386: flash-plugin-11.2.202.270-1.el6.i686.rpm

    x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm

    Red Hat Enterprise Linux Workstation Supplementary (v. 6):

    i386: flash-plugin-11.2.202.270-1.el6.i686.rpm

    x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

    1. References:

    https://www.redhat.com/security/data/cve/CVE-2013-0637.html https://www.redhat.com/security/data/cve/CVE-2013-0638.html https://www.redhat.com/security/data/cve/CVE-2013-0639.html https://www.redhat.com/security/data/cve/CVE-2013-0642.html https://www.redhat.com/security/data/cve/CVE-2013-0644.html https://www.redhat.com/security/data/cve/CVE-2013-0645.html https://www.redhat.com/security/data/cve/CVE-2013-0647.html https://www.redhat.com/security/data/cve/CVE-2013-0649.html https://www.redhat.com/security/data/cve/CVE-2013-1365.html https://www.redhat.com/security/data/cve/CVE-2013-1366.html https://www.redhat.com/security/data/cve/CVE-2013-1367.html https://www.redhat.com/security/data/cve/CVE-2013-1368.html https://www.redhat.com/security/data/cve/CVE-2013-1369.html https://www.redhat.com/security/data/cve/CVE-2013-1370.html https://www.redhat.com/security/data/cve/CVE-2013-1372.html https://www.redhat.com/security/data/cve/CVE-2013-1373.html https://www.redhat.com/security/data/cve/CVE-2013-1374.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb13-05.html

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)

    iD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs pnyD10c/hdKGIm0b1Kjv3eY= =+cgh -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .

    Background

    The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.

    Impact

    A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Adobe Flash Player users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"

    References

    [ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201309-06.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------

    The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/


    TITLE: Adobe Flash Player / AIR Multiple Vulnerabilities

    SECUNIA ADVISORY ID: SA52166

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52166/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52166

    RELEASE DATE: 2013-02-12

    DISCUSS ADVISORY: http://secunia.com/advisories/52166/#comments

    AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

    http://secunia.com/advisories/52166/

    ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

    https://ca.secunia.com/?page=viewadvisory&vuln_id=52166

    ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

    http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

    DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player and AIR, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.

    1) Some unspecified errors can be exploited to cause buffer overflows.

    2) Some use-after-free errors can be exploited to dereference already freed memory.

    4) An unspecified error can be exploited to corrupt memory.

    5) An unspecified error can be exploited to corrupt memory.

    6) An unspecified error can be exploited to disclose certain sensitive information.

    Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    PROVIDED AND/OR DISCOVERED BY: 1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna, Google 3) The vendor credits Natalie Silvanovich, BlackBerry Security, Research in Motion 4) The vendor credits Damian Put via iDefense 6) Reported by the vendor.

    ORIGINAL ADVISORY: Adobe (APSB13-05): http://www.adobe.com/support/security/bulletins/apsb13-05.html

    OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


    About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.3.183.61"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.6.602.168"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.6"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "3.6.0.599"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.6.602.167"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.1.115.47"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.3.183.63"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.1.111.43"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.2.202.270"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "3.6.0.597"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "google",
            "version": ")"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "android)"
          },
          {
            "_id": null,
            "model": "windows",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "macintosh"
          },
          {
            "_id": null,
            "model": "flash player for android",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(android 4.x)"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "android)"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.6.602.167"
          },
          {
            "_id": null,
            "model": "internet explorer",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "10 (adobe flash player 11.6.602.167"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "10.3.183.61"
          },
          {
            "_id": null,
            "model": "flash player for android",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(android 2.x    3.x)"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.x (linux)"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "macintosh"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.6.602.168"
          },
          {
            "_id": null,
            "model": "flash player for android",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.1.115.47"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(windows"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.x (windows)"
          },
          {
            "_id": null,
            "model": "windows server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "2012 (adobe flash player 11.6.602.167"
          },
          {
            "_id": null,
            "model": "flash player for android",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.1.111.43"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "3.6.0.597"
          },
          {
            "_id": null,
            "model": "internet explorer",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.2.202.270"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(air for ios include ) (windows"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "3.6.0.599"
          },
          {
            "_id": null,
            "model": "windows 8",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "for 64-bit systems (adobe flash player 11.6.602.167"
          },
          {
            "_id": null,
            "model": "windows server",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "10.3.183.63"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(macintosh    linux)"
          },
          {
            "_id": null,
            "model": "windows 8",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "for 32-bit systems (adobe flash player 11.6.602.167"
          },
          {
            "_id": null,
            "model": "windows 8",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "windows",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "rt (adobe flash player 11.6.602.167"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(windows)"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.x (macintosh)"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "google",
            "version": "(windows/linux/macintosh : adobe flash player 11.6.602.167"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.181.16"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.185.22"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.181.14"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.183.20"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.1.92.10"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.183.29"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.183.25"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.183.18"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.181.23"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.183.16"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "12.1"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11.4"
          },
          {
            "_id": null,
            "model": "hat enterprise linux workstation supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux supplementary server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop supplementary client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "57920"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-174"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001477"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-1366"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:google:chrome",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:adobe_air",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:adobe_air_sdk",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:flash_player",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:flash_player_for_android",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:microsoft:internet_explorer",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_8",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_server",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001477"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna of the Google Security Team",
        "sources": [
          {
            "db": "BID",
            "id": "57920"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2013-1366",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2013-1366",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-61368",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2013-1366",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2013-1366",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201302-174",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-61368",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-61368"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-174"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001477"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-1366"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2013-0642 , CVE-2013-0645 , CVE-2013-1365 , CVE-2013-1367 , CVE-2013-1368 , CVE-2013-1369 , CVE-2013-1370 , CVE-2013-1372 ,and CVE-2013-1373 Is a different vulnerability.An attacker could execute arbitrary code. \nNote: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Critical: flash-plugin security update\nAdvisory ID:       RHSA-2013:0254-01\nProduct:           Red Hat Enterprise Linux Extras\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2013-0254.html\nIssue date:        2013-02-13\nCVE Names:         CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 \n                   CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 \n                   CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 \n                   CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 \n                   CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 \n                   CVE-2013-1373 CVE-2013-1374 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB13-05,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. (CVE-2013-0638,\nCVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647,\nCVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368,\nCVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)\n\nA flaw in flash-plugin could allow an attacker to obtain sensitive\ninformation if a victim were tricked into visiting a specially-crafted web\npage. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n910570 - flash-plugin: multiple code execution flaws (APSB13-05)\n910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-0637.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0638.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0639.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0642.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0644.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0645.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0647.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0649.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1365.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1366.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1367.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1368.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1369.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1370.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1372.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1373.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1374.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e.  More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs\npnyD10c/hdKGIm0b1Kjv3eY=\n=+cgh\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[   1 ] CVE-2012-5248\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[   2 ] CVE-2012-5248\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[   3 ] CVE-2012-5249\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[   4 ] CVE-2012-5249\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[   5 ] CVE-2012-5250\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[   6 ] CVE-2012-5250\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[   7 ] CVE-2012-5251\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[   8 ] CVE-2012-5251\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[   9 ] CVE-2012-5252\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[  10 ] CVE-2012-5252\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[  11 ] CVE-2012-5253\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[  12 ] CVE-2012-5253\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[  13 ] CVE-2012-5254\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[  14 ] CVE-2012-5254\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[  15 ] CVE-2012-5255\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[  16 ] CVE-2012-5255\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[  17 ] CVE-2012-5256\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[  18 ] CVE-2012-5256\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[  19 ] CVE-2012-5257\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[  20 ] CVE-2012-5257\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[  21 ] CVE-2012-5258\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[  22 ] CVE-2012-5258\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[  23 ] CVE-2012-5259\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[  24 ] CVE-2012-5259\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[  25 ] CVE-2012-5260\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[  26 ] CVE-2012-5260\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[  27 ] CVE-2012-5261\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[  28 ] CVE-2012-5261\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[  29 ] CVE-2012-5262\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[  30 ] CVE-2012-5262\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[  31 ] CVE-2012-5263\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[  32 ] CVE-2012-5263\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[  33 ] CVE-2012-5264\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[  34 ] CVE-2012-5264\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[  35 ] CVE-2012-5265\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[  36 ] CVE-2012-5265\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[  37 ] CVE-2012-5266\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[  38 ] CVE-2012-5266\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[  39 ] CVE-2012-5267\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[  40 ] CVE-2012-5267\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[  41 ] CVE-2012-5268\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[  42 ] CVE-2012-5268\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[  43 ] CVE-2012-5269\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[  44 ] CVE-2012-5269\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[  45 ] CVE-2012-5270\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[  46 ] CVE-2012-5270\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[  47 ] CVE-2012-5271\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[  48 ] CVE-2012-5271\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[  49 ] CVE-2012-5272\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[  50 ] CVE-2012-5272\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[  51 ] CVE-2012-5274\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[  52 ] CVE-2012-5275\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[  53 ] CVE-2012-5276\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[  54 ] CVE-2012-5277\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[  55 ] CVE-2012-5278\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[  56 ] CVE-2012-5279\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[  57 ] CVE-2012-5280\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[  58 ] CVE-2012-5676\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[  59 ] CVE-2012-5677\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[  60 ] CVE-2012-5678\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[  61 ] CVE-2013-0504\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[  62 ] CVE-2013-0630\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[  63 ] CVE-2013-0633\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[  64 ] CVE-2013-0634\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[  65 ] CVE-2013-0637\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[  66 ] CVE-2013-0638\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[  67 ] CVE-2013-0639\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[  68 ] CVE-2013-0642\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[  69 ] CVE-2013-0643\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[  70 ] CVE-2013-0644\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[  71 ] CVE-2013-0645\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[  72 ] CVE-2013-0646\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[  73 ] CVE-2013-0647\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[  74 ] CVE-2013-0648\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[  75 ] CVE-2013-0649\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[  76 ] CVE-2013-0650\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[  77 ] CVE-2013-1365\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[  78 ] CVE-2013-1366\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[  79 ] CVE-2013-1367\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[  80 ] CVE-2013-1368\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[  81 ] CVE-2013-1369\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[  82 ] CVE-2013-1370\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[  83 ] CVE-2013-1371\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[  84 ] CVE-2013-1372\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[  85 ] CVE-2013-1373\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[  86 ] CVE-2013-1374\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[  87 ] CVE-2013-1375\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[  88 ] CVE-2013-1378\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[  89 ] CVE-2013-1379\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[  90 ] CVE-2013-1380\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[  91 ] CVE-2013-2555\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[  92 ] CVE-2013-2728\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[  93 ] CVE-2013-3343\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[  94 ] CVE-2013-3344\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[  95 ] CVE-2013-3345\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[  96 ] CVE-2013-3347\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[  97 ] CVE-2013-3361\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[  98 ] CVE-2013-3362\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[  99 ] CVE-2013-3363\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player / AIR Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA52166\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/52166/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nRELEASE DATE:\n2013-02-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/52166/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/52166/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Flash Player and\nAIR, which can be exploited by malicious people to disclose certain\nsensitive information and compromise a user\u0027s system. \n\n1) Some unspecified errors can be exploited to cause buffer\noverflows. \n\n2) Some use-after-free errors can be exploited to dereference already\nfreed memory. \n\n4) An unspecified error can be exploited to corrupt memory. \n\n5) An unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to disclose certain\nsensitive information. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and\nFermin Serna, Google\n3) The vendor credits Natalie Silvanovich, BlackBerry Security,\nResearch in Motion\n4) The vendor credits Damian Put via iDefense\n6) Reported by the vendor. \n\nORIGINAL ADVISORY:\nAdobe (APSB13-05):\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-1366"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001477"
          },
          {
            "db": "BID",
            "id": "57920"
          },
          {
            "db": "VULHUB",
            "id": "VHN-61368"
          },
          {
            "db": "PACKETSTORM",
            "id": "120268"
          },
          {
            "db": "PACKETSTORM",
            "id": "123225"
          },
          {
            "db": "PACKETSTORM",
            "id": "120239"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2013-1366",
            "trust": 3.0
          },
          {
            "db": "USCERT",
            "id": "TA13-043A",
            "trust": 1.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001477",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-174",
            "trust": 0.7
          },
          {
            "db": "SECUNIA",
            "id": "52166",
            "trust": 0.7
          },
          {
            "db": "SECUNIA",
            "id": "52164",
            "trust": 0.6
          },
          {
            "db": "SECUNIA",
            "id": "52197",
            "trust": 0.6
          },
          {
            "db": "SECUNIA",
            "id": "52203",
            "trust": 0.6
          },
          {
            "db": "SECUNIA",
            "id": "52163",
            "trust": 0.6
          },
          {
            "db": "BID",
            "id": "57920",
            "trust": 0.4
          },
          {
            "db": "VULHUB",
            "id": "VHN-61368",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "120268",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "123225",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "120239",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-61368"
          },
          {
            "db": "BID",
            "id": "57920"
          },
          {
            "db": "PACKETSTORM",
            "id": "120268"
          },
          {
            "db": "PACKETSTORM",
            "id": "123225"
          },
          {
            "db": "PACKETSTORM",
            "id": "120239"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-174"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001477"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-1366"
          }
        ]
      },
      "id": "VAR-201302-0302",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-61368"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T23:19:11.196000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "APSB13-05",
            "trust": 0.8,
            "url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
          },
          {
            "title": "APSB13-05 (cq02121817)",
            "trust": 0.8,
            "url": "http://helpx.adobe.com/jp/flash-player/kb/cq02121817.html"
          },
          {
            "title": "Google Chrome",
            "trust": 0.8,
            "url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
          },
          {
            "title": "Stable Channel Update",
            "trust": 0.8,
            "url": "http://googlechromereleases.blogspot.jp/2013/02/stable-channel-update_12.html"
          },
          {
            "title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
            "trust": 0.8,
            "url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
          },
          {
            "title": "openSUSE-SU-2013:0295",
            "trust": 0.8,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
          },
          {
            "title": "SUSE-SU-2013:0296",
            "trust": 0.8,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
          },
          {
            "title": "openSUSE-SU-2013:0298",
            "trust": 0.8,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
          },
          {
            "title": "RHSA-2013:0254",
            "trust": 0.8,
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0254.html"
          },
          {
            "title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
            "trust": 0.8,
            "url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
          },
          {
            "title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
            "trust": 0.8,
            "url": "http://www.fmworld.net/biz/common/adobe/20130214f.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001477"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-61368"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001477"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-1366"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.2,
            "url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
          },
          {
            "trust": 1.9,
            "url": "http://www.us-cert.gov/cas/techalerts/ta13-043a.html"
          },
          {
            "trust": 1.2,
            "url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1366"
          },
          {
            "trust": 0.8,
            "url": "http://www.ipa.go.jp/security/ciadr/vul/20130213-adobeflashplayer.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.jpcert.or.jp/at/2013/at130010.txt"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta13-043a"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1366"
          },
          {
            "trust": 0.8,
            "url": "http://www.npa.go.jp/cyberpolice/topics/?seq=10777"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/52163"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/52164"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/52166"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/52197"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/52203"
          },
          {
            "trust": 0.3,
            "url": "http://www.adobe.com/products/air/"
          },
          {
            "trust": 0.3,
            "url": "http://www.adobe.com/products/flash/"
          },
          {
            "trust": 0.3,
            "url": "http://btsc.webapps.blackberry.com/btsc/viewdocument.do;jsessionid=a9881e951162efc516b6200542b62cc0?externalid=kb34774\u0026sliceid=1\u0026cmd=displaykc\u0026doctype=kc\u0026nocount=true\u0026vieweddocslisthelper=com.kanisa.a"
          },
          {
            "trust": 0.3,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0647.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0649.html"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#critical"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0644.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1373.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1366"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0647"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1374.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0638"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1370"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1373"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1367"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1368"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1372"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1368.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0645.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0639"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0642.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1365.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1372.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1374"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/knowledge/articles/11258"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0645"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1366.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1365"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1369.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0637.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0638.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0637"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0649"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0644"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/key/#package"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1367.html"
          },
          {
            "trust": 0.1,
            "url": "http://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1370.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0639.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0642"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1369"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/52166/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_intelligence/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/52166/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/blog/325/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-61368"
          },
          {
            "db": "BID",
            "id": "57920"
          },
          {
            "db": "PACKETSTORM",
            "id": "120268"
          },
          {
            "db": "PACKETSTORM",
            "id": "123225"
          },
          {
            "db": "PACKETSTORM",
            "id": "120239"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-174"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001477"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-1366"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-61368",
            "ident": null
          },
          {
            "db": "BID",
            "id": "57920",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "120268",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "123225",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "120239",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-174",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001477",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2013-1366",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2013-02-12T00:00:00",
            "db": "VULHUB",
            "id": "VHN-61368",
            "ident": null
          },
          {
            "date": "2013-02-12T00:00:00",
            "db": "BID",
            "id": "57920",
            "ident": null
          },
          {
            "date": "2013-02-13T19:12:55",
            "db": "PACKETSTORM",
            "id": "120268",
            "ident": null
          },
          {
            "date": "2013-09-14T15:19:13",
            "db": "PACKETSTORM",
            "id": "123225",
            "ident": null
          },
          {
            "date": "2013-02-12T06:40:24",
            "db": "PACKETSTORM",
            "id": "120239",
            "ident": null
          },
          {
            "date": "2013-02-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201302-174",
            "ident": null
          },
          {
            "date": "2013-02-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-001477",
            "ident": null
          },
          {
            "date": "2013-02-12T20:55:04.667000",
            "db": "NVD",
            "id": "CVE-2013-1366",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2018-12-06T00:00:00",
            "db": "VULHUB",
            "id": "VHN-61368",
            "ident": null
          },
          {
            "date": "2015-03-19T08:46:00",
            "db": "BID",
            "id": "57920",
            "ident": null
          },
          {
            "date": "2013-02-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201302-174",
            "ident": null
          },
          {
            "date": "2013-03-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-001477",
            "ident": null
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2013-1366",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-174"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Adobe Flash Player Vulnerable to buffer overflow",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001477"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-174"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201108-0210

    Vulnerability from variot - Updated: 2026-04-10 23:18

    Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2140, and CVE-2011-2425. Adobe Flash Player and Adobe AIR Any code that could be executed or service disruption ( Memory corruption ) There is a vulnerability that becomes a condition. This vulnerability CVE-2011-2135 , CVE-2011-2140 ,and CVE-2011-2425 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. Description:

    The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


                        SUSE Security Announcement
    
        Package:                flash-player
        Announcement ID:        SUSE-SA:2011:033
        Date:                   Wed, 10 Aug 2011 14:00:00 +0000
        Affected Products:      SUSE Linux Enterprise Desktop 11 SP1
                                SUSE Linux Enterprise Desktop 10 SP4
        Vulnerability Type:     remote code execution
        CVSS v2 Base Score:     6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
        SUSE Default Package:   yes
        Cross-References:       CVE-2011-2130, CVE-2011-2134, CVE-2011-2135
                                CVE-2011-2136, CVE-2011-2137, CVE-2011-2138
                                CVE-2011-2139, CVE-2011-2140, CVE-2011-2414
                                CVE-2011-2415, CVE-2011-2416, CVE-2011-2417
                                CVE-2011-2425
    
    Content of This Advisory:
        1) Security Vulnerability Resolved:
             remote code execution
           Problem Description
        2) Solution or Work-Around
        3) Special Instructions and Notes
        4) Package Location and Checksums
        5) Pending Vulnerabilities, Solutions, and Work-Arounds:
            none
        6) Authenticity Verification and Additional Information
    

    1) Problem Description and Brief Discussion

    Flash-Player was updated to version 10.3.188.5 to fix various buffer and integer overflows: - CVE-2011-2130: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2134: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2135: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2136: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2137: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2138: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2139: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2140: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2414: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2415: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2416: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2417: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2425: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

    Earlier flash-player versions can be exploited to execute arbitrary code remotely with the privileges of the attacked user.

    For more details see: http://www.adobe.com/support/security/bulletins/apsb11-21.html

    2) Solution or Work-Around

    none

    3) Special Instructions and Notes

    Pleease restart your browser.

    4) Package Location and Checksums

    The preferred method for installing security updates is to use the YaST "Online Update" module or the "zypper" commandline tool. The package and patch management stack will detect which updates are required and automatically perform the necessary steps to verify and install them.

    Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command

     rpm -Fhv <file.rpm>
    

    to apply the update, replacing with the filename of the downloaded RPM package.

    Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web:

    SUSE Linux Enterprise Desktop 10 SP4 http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900

    SUSE Linux Enterprise Desktop 11 SP1 http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10


    5) Pending Vulnerabilities, Solutions, and Work-Arounds:

    none


    6) Authenticity Verification and Additional Information

    • Announcement authenticity verification:

      SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature.

      To verify the signature of the announcement, save it as text into a file and run the command

      gpg --verify

      replacing with the name of the file where you saved the announcement. The output for a valid signature looks like:

      gpg: Signature made using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team security@suse.de"

      where is replaced by the date the document was signed.

      If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command

      gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc

    • Package authenticity verification:

      SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with.

      The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command

      rpm -v --checksig

      to verify the signature of the package, replacing with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build@suse.de with the key ID 9C800ACA.

      This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement.

    • SUSE runs two security mailing lists to which any interested party may subscribe:

      opensuse-security@opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security+subscribe@opensuse.org.

      opensuse-security-announce@opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security-announce+subscribe@opensuse.org. The security@suse.de public key is listed below. =====================================================================


      The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text.

      SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ .

    Background

    The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Adobe Flash Player users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-10.3.183.10"

    References

    [ 1 ] APSA11-01 http://www.adobe.com/support/security/advisories/apsa11-01.html [ 2 ] APSA11-02 http://www.adobe.com/support/security/advisories/apsa11-02.html [ 3 ] APSB11-02 http://www.adobe.com/support/security/bulletins/apsb11-02.html [ 4 ] APSB11-12 http://www.adobe.com/support/security/bulletins/apsb11-12.html [ 5 ] APSB11-13 http://www.adobe.com/support/security/bulletins/apsb11-13.html [ 6 ] APSB11-21 https://www.adobe.com/support/security/bulletins/apsb11-21.html [ 7 ] APSB11-26 https://www.adobe.com/support/security/bulletins/apsb11-26.html [ 8 ] CVE-2011-0558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558 [ 9 ] CVE-2011-0559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559 [ 10 ] CVE-2011-0560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560 [ 11 ] CVE-2011-0561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561 [ 12 ] CVE-2011-0571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571 [ 13 ] CVE-2011-0572 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572 [ 14 ] CVE-2011-0573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573 [ 15 ] CVE-2011-0574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574 [ 16 ] CVE-2011-0575 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575 [ 17 ] CVE-2011-0577 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577 [ 18 ] CVE-2011-0578 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578 [ 19 ] CVE-2011-0579 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579 [ 20 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 21 ] CVE-2011-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607 [ 22 ] CVE-2011-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608 [ 23 ] CVE-2011-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609 [ 24 ] CVE-2011-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611 [ 25 ] CVE-2011-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618 [ 26 ] CVE-2011-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619 [ 27 ] CVE-2011-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620 [ 28 ] CVE-2011-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621 [ 29 ] CVE-2011-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622 [ 30 ] CVE-2011-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623 [ 31 ] CVE-2011-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624 [ 32 ] CVE-2011-0625 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625 [ 33 ] CVE-2011-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626 [ 34 ] CVE-2011-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627 [ 35 ] CVE-2011-0628 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628 [ 36 ] CVE-2011-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107 [ 37 ] CVE-2011-2110 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110 [ 38 ] CVE-2011-2125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 39 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 40 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 41 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 42 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 43 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 44 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 45 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 46 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 47 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 48 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 49 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 50 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 51 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 52 ] CVE-2011-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426 [ 53 ] CVE-2011-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427 [ 54 ] CVE-2011-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428 [ 55 ] CVE-2011-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429 [ 56 ] CVE-2011-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430 [ 57 ] CVE-2011-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201110-11.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Critical: acroread security update Advisory ID: RHSA-2011:1434-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1434.html Issue date: 2011-11-08 CVE Names: CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2424 CVE-2011-2425 CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2429 CVE-2011-2430 CVE-2011-2431 CVE-2011-2432 CVE-2011-2433 CVE-2011-2434 CVE-2011-2435 CVE-2011-2436 CVE-2011-2437 CVE-2011-2438 CVE-2011-2439 CVE-2011-2440 CVE-2011-2442 CVE-2011-2444 =====================================================================

    1. Summary:

    Updated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6 Supplementary.

    The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

    1. Relevant releases/architectures:

    Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

    1. Description:

    Adobe Reader allows users to view and print documents in Portable Document Format (PDF).

    This update fixes multiple security flaws in Adobe Reader. These flaws are detailed on the Adobe security page APSB11-24, listed in the References section. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. These flaws are detailed on the Adobe security pages APSB11-21 and APSB11-26, listed in the References section.

    A PDF file with an embedded, specially-crafted SWF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135, CVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140, CVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424, CVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)

    A flaw in Adobe Flash Player could allow an attacker to conduct cross-site scripting (XSS) attacks if a victim were tricked into visiting a specially-crafted web page. (CVE-2011-2429)

    All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.4.6, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.

    1. Solution:

    Before applying this update, make sure all previously-released errata relevant to your system have been applied.

    This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259

    1. Bugs fixed (http://bugzilla.redhat.com/):

    729497 - CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21) 740201 - CVE-2011-2444 acroread, flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26 740204 - CVE-2011-2429 acroread, flash-plugin: security control bypass information disclosure fixed in APSB11-26 740388 - CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26 749381 - acroread: multiple code execution flaws (APSB11-24)

    1. Package List:

    Red Hat Enterprise Linux AS version 4 Extras:

    i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm

    x86_64: acroread-9.4.6-1.el4.i386.rpm

    Red Hat Desktop version 4 Extras:

    i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm

    x86_64: acroread-9.4.6-1.el4.i386.rpm

    Red Hat Enterprise Linux ES version 4 Extras:

    i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm

    x86_64: acroread-9.4.6-1.el4.i386.rpm

    Red Hat Enterprise Linux WS version 4 Extras:

    i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm

    x86_64: acroread-9.4.6-1.el4.i386.rpm

    Red Hat Enterprise Linux Desktop Supplementary (v. 5):

    i386: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm

    x86_64: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm

    Red Hat Enterprise Linux Server Supplementary (v. 5):

    i386: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm

    x86_64: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm

    Red Hat Enterprise Linux Desktop Supplementary (v. 6):

    i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm

    x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm

    Red Hat Enterprise Linux Server Supplementary (v. 6):

    i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm

    x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm

    Red Hat Enterprise Linux Workstation Supplementary (v. 6):

    i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm

    x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

    1. References:

    https://www.redhat.com/security/data/cve/CVE-2011-2130.html https://www.redhat.com/security/data/cve/CVE-2011-2134.html https://www.redhat.com/security/data/cve/CVE-2011-2135.html https://www.redhat.com/security/data/cve/CVE-2011-2136.html https://www.redhat.com/security/data/cve/CVE-2011-2137.html https://www.redhat.com/security/data/cve/CVE-2011-2138.html https://www.redhat.com/security/data/cve/CVE-2011-2139.html https://www.redhat.com/security/data/cve/CVE-2011-2140.html https://www.redhat.com/security/data/cve/CVE-2011-2414.html https://www.redhat.com/security/data/cve/CVE-2011-2415.html https://www.redhat.com/security/data/cve/CVE-2011-2416.html https://www.redhat.com/security/data/cve/CVE-2011-2417.html https://www.redhat.com/security/data/cve/CVE-2011-2424.html https://www.redhat.com/security/data/cve/CVE-2011-2425.html https://www.redhat.com/security/data/cve/CVE-2011-2426.html https://www.redhat.com/security/data/cve/CVE-2011-2427.html https://www.redhat.com/security/data/cve/CVE-2011-2428.html https://www.redhat.com/security/data/cve/CVE-2011-2429.html https://www.redhat.com/security/data/cve/CVE-2011-2430.html https://www.redhat.com/security/data/cve/CVE-2011-2431.html https://www.redhat.com/security/data/cve/CVE-2011-2432.html https://www.redhat.com/security/data/cve/CVE-2011-2433.html https://www.redhat.com/security/data/cve/CVE-2011-2434.html https://www.redhat.com/security/data/cve/CVE-2011-2435.html https://www.redhat.com/security/data/cve/CVE-2011-2436.html https://www.redhat.com/security/data/cve/CVE-2011-2437.html https://www.redhat.com/security/data/cve/CVE-2011-2438.html https://www.redhat.com/security/data/cve/CVE-2011-2439.html https://www.redhat.com/security/data/cve/CVE-2011-2440.html https://www.redhat.com/security/data/cve/CVE-2011-2442.html https://www.redhat.com/security/data/cve/CVE-2011-2444.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb11-21.html http://www.adobe.com/support/security/bulletins/apsb11-24.html http://www.adobe.com/support/security/bulletins/apsb11-26.html

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)

    iD8DBQFOuRkFXlSAg2UNWIIRAqaIAJoC3LKpTEj6IsfoUq9JqGuHAKt3bACfcz3q 0+KSTL2IByBwtP8+xfPmUNE= =qFq6 -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ----------------------------------------------------------------------

    The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242


    TITLE: Red Hat update for flash-plugin

    SECUNIA ADVISORY ID: SA45593

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45593/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45593

    RELEASE DATE: 2011-08-12

    DISCUSS ADVISORY: http://secunia.com/advisories/45593/#comments

    AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

    http://secunia.com/advisories/45593/

    ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

    https://ca.secunia.com/?page=viewadvisory&vuln_id=45593

    ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

    http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

    DESCRIPTION: Red Hat has issued an update for flash-plugin. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose sensitive information and compromise a user's system.

    Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    ORIGINAL ADVISORY: RHSA-2011:1144-1: https://rhn.redhat.com/errata/RHSA-2011-1144.html

    OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


    About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "adobe",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.7,
            "vendor": "adobe",
            "version": "2.7"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "1.5.3"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "2.0.4"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "2.0.3"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "1.5.2"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.246.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "8.0.35.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.115.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.154.25"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.95.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.156.12"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.95.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.155.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.152.33"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.154.13"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.262.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.157.51"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.3.181.14"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.92.8"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.52.15"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.152.32"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.3.181.16"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.28.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.260.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.3.181.23"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.52.14.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.0.32.18"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.277.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.0.12.36"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.283.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.3.185.21"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.53.64"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.152"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.124.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.3.185.23"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.3.181.34"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.152.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.0.22.87"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.85.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.82.76"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.159.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.151.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.0.15.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.31.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.159.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.105.6"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.47.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.45.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "8.0.34.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.0.42.34"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.48.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.92.10"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.106.16"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.102.64"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.0.45.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.3.185.25"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.73.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.79"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.63"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.69.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0.33.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.70.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.18d60"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.112.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.0.0.584"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.28"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.19.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.20"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.60.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.20.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.0.12.10"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.14.0"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "2.7"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.31"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0.24.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.66.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.125.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0.22.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.53.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.25"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.61.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.67.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.3.181.36"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.21.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.24.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.114.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.125.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0.39.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.16"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.68.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0.42.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "10.3.181.34"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "10.3.181.36   for chrome users"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "10.3.185.25   for android"
          },
          {
            "_id": null,
            "model": "hp systems insight manager",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "enterprise linux server supplementary",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6"
          },
          {
            "_id": null,
            "model": "enterprise linux server supplementary eus",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6.1.z"
          },
          {
            "_id": null,
            "model": "enterprise linux workstation supplementary",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6"
          },
          {
            "_id": null,
            "model": "rhel desktop supplementary",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (client)"
          },
          {
            "_id": null,
            "model": "rhel desktop supplementary",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6"
          },
          {
            "_id": null,
            "model": "rhel supplementary",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (server)"
          },
          {
            "_id": null,
            "model": "rhel supplementary eus",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5.6.z (server)"
          },
          {
            "_id": null,
            "model": "rhel supplementary long life",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5.6 (server)"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9.0.597.94"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.57"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.0.12.35"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "12.0.742.100"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.2.152.21"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "2.6.19140"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.0.280"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.3.186.3"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.43"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "systems insight manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.3.185.22"
          },
          {
            "_id": null,
            "model": "systems insight manager sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.1.51.66"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "13"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.2.154.27"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.2.153.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10.0.648.204"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.0.2460"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10.0.648.128"
          },
          {
            "_id": null,
            "model": "desktop extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.3.181.22"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0.0.96"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.3.181.26"
          },
          {
            "_id": null,
            "model": "hat enterprise linux supplementary server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "enterprise linux extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10.0.648.127"
          },
          {
            "_id": null,
            "model": "solaris express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "11"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.0.262"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.65"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.2.154.24"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "systems insight manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "systems insight manager sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11.4"
          },
          {
            "_id": null,
            "model": "systems insight manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9.0.597.107"
          },
          {
            "_id": null,
            "model": "systems insight manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.2.154.18"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "12.0.742.112"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.71"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "freeflow print server 73.b3.61",
            "scope": null,
            "trust": 0.3,
            "vendor": "xerox",
            "version": null
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.0.3218"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.0.289.0"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "enterprise linux es extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "12.0.742.91"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.3.185.25"
          },
          {
            "_id": null,
            "model": "solaris 10 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9.0.597.84"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "_id": null,
            "model": "interactive response",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "google",
            "version": "13.0.782.112"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "13.0.782.107"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.77"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.0.452"
          },
          {
            "_id": null,
            "model": "systems insight manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.3.183.5"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.68"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.672.2"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "2.7.1"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "12"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10"
          },
          {
            "_id": null,
            "model": "solaris 10 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop supplementary client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "systems insight manager sp5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "enterprise linux ws extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10.0.648.133"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "2.7.1.1961"
          },
          {
            "_id": null,
            "model": "systems insight manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "enterprise linux as extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "flash player release candida",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10.0.648.205"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.2.154.28"
          },
          {
            "_id": null,
            "model": "systems insight manager update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.31"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "2.6.19120"
          },
          {
            "_id": null,
            "model": "freeflow print server 73.c0.41",
            "scope": null,
            "trust": 0.3,
            "vendor": "xerox",
            "version": null
          },
          {
            "_id": null,
            "model": "hat enterprise linux workstation supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.1.102.65"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "49084"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-190"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002159"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2417"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:adobe:adobe_air",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:flash_player",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hp:systems_insight_manager",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary_eus",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_supplementary_long_life",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002159"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Honggang Ren of Fortinet\u0027s FortiGuard Labs",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-190"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2011-2417",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2011-2417",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-50362",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2011-2417",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2011-2417",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201108-190",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-50362",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50362"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-190"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002159"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2417"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2140, and CVE-2011-2425. Adobe Flash Player and Adobe AIR Any code that could be executed or service disruption ( Memory corruption ) There is a vulnerability that becomes a condition. This vulnerability CVE-2011-2135 , CVE-2011-2140 ,and CVE-2011-2425 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n______________________________________________________________________________\n\n                        SUSE Security Announcement\n\n        Package:                flash-player\n        Announcement ID:        SUSE-SA:2011:033\n        Date:                   Wed, 10 Aug 2011 14:00:00 +0000\n        Affected Products:      SUSE Linux Enterprise Desktop 11 SP1\n                                SUSE Linux Enterprise Desktop 10 SP4\n        Vulnerability Type:     remote code execution\n        CVSS v2 Base Score:     6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n        SUSE Default Package:   yes\n        Cross-References:       CVE-2011-2130, CVE-2011-2134, CVE-2011-2135\n                                CVE-2011-2136, CVE-2011-2137, CVE-2011-2138\n                                CVE-2011-2139, CVE-2011-2140, CVE-2011-2414\n                                CVE-2011-2415, CVE-2011-2416, CVE-2011-2417\n                                CVE-2011-2425\n\n    Content of This Advisory:\n        1) Security Vulnerability Resolved:\n             remote code execution\n           Problem Description\n        2) Solution or Work-Around\n        3) Special Instructions and Notes\n        4) Package Location and Checksums\n        5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n            none\n        6) Authenticity Verification and Additional Information\n\n______________________________________________________________________________\n\n1) Problem Description and Brief Discussion\n\n   Flash-Player was updated to version 10.3.188.5 to fix various buffer\n   and integer overflows:\n   - CVE-2011-2130: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2134: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2135: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2136: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2137: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2138: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2139: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2140: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2414: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2415: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2416: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2417: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2425: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   \n   Earlier flash-player versions can be exploited to execute arbitrary code\n   remotely with the privileges of the attacked user. \n   \n   For more details see:\n   http://www.adobe.com/support/security/bulletins/apsb11-21.html\n\n2) Solution or Work-Around\n\n   none\n\n3) Special Instructions and Notes\n\n   Pleease restart your browser. \n\n4) Package Location and Checksums\n\n   The preferred method for installing security updates is to use the YaST\n   \"Online Update\" module or the \"zypper\" commandline tool. The package and\n   patch management stack will detect which updates are required and\n   automatically perform the necessary steps to verify and install them. \n\n   Alternatively, download the update packages for your distribution manually\n   and verify their integrity by the methods listed in Section 6 of this\n   announcement. Then install the packages using the command\n\n     rpm -Fhv \u003cfile.rpm\u003e\n\n   to apply the update, replacing \u003cfile.rpm\u003e with the filename of the\n   downloaded RPM package. \n\n   Our maintenance customers are notified individually. The packages are\n   offered for installation from the maintenance web:\n   \n   SUSE Linux Enterprise Desktop 10 SP4\n     http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900\n   \n   SUSE Linux Enterprise Desktop 11 SP1\n     http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10\n\n______________________________________________________________________________\n\n5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n\n   none\n______________________________________________________________________________\n\n6) Authenticity Verification and Additional Information\n\n  - Announcement authenticity verification:\n\n    SUSE security announcements are published via mailing lists and on Web\n    sites. The authenticity and integrity of a SUSE security announcement is\n    guaranteed by a cryptographic signature in each announcement. All SUSE\n    security announcements are published with a valid signature. \n\n    To verify the signature of the announcement, save it as text into a file\n    and run the command\n\n      gpg --verify \u003cfile\u003e\n\n    replacing \u003cfile\u003e with the name of the file where you saved the\n    announcement. The output for a valid signature looks like:\n\n      gpg: Signature made \u003cDATE\u003e using RSA key ID 3D25D3D9\n      gpg: Good signature from \"SuSE Security Team \u003csecurity@suse.de\u003e\"\n\n    where \u003cDATE\u003e is replaced by the date the document was signed. \n\n    If the security team\u0027s key is not contained in your key ring, you can\n    import it from the first installation CD. To import the key, use the\n    command\n\n      gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc\n\n  - Package authenticity verification:\n\n    SUSE update packages are available on many mirror FTP servers all over the\n    world. While this service is considered valuable and important to the free\n    and open source software community, the authenticity and the integrity of\n    a package needs to be verified to ensure that it has not been tampered\n    with. \n\n    The internal rpm package signatures provide an easy way to verify the\n    authenticity of an RPM package. Use the command\n\n     rpm -v --checksig \u003cfile.rpm\u003e\n\n    to verify the signature of the package, replacing \u003cfile.rpm\u003e with the\n    filename of the RPM package downloaded. The package is unmodified if it\n    contains a valid signature from build@suse.de with the key ID 9C800ACA. \n\n    This key is automatically imported into the RPM database (on\n    RPMv4-based distributions) and the gpg key ring of \u0027root\u0027 during\n    installation. You can also find it on the first installation CD and at\n    the end of this announcement. \n\n  - SUSE runs two security mailing lists to which any interested party may\n    subscribe:\n\n    opensuse-security@opensuse.org\n        -   General Linux and SUSE security discussion. \n            All SUSE security announcements are sent to this list. \n            To subscribe, send an e-mail to\n                \u003copensuse-security+subscribe@opensuse.org\u003e. \n\n    opensuse-security-announce@opensuse.org\n        -   SUSE\u0027s announce-only mailing list. \n            Only SUSE\u0027s security announcements are sent to this list. \n            To subscribe, send an e-mail to\n                \u003copensuse-security-announce+subscribe@opensuse.org\u003e. \n    The \u003csecurity@suse.de\u003e public key is listed below. \n    =====================================================================\n______________________________________________________________________________\n\n    The information in this advisory may be distributed or reproduced,\n    provided that the advisory is not modified in any way. In particular, the\n    clear text signature should show proof of the authenticity of the text. \n\n    SUSE Linux Products GmbH provides no warranties of any kind whatsoever\n    with respect to the information contained in this security advisory. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-10.3.183.10\"\n\nReferences\n==========\n\n[  1 ] APSA11-01\n       http://www.adobe.com/support/security/advisories/apsa11-01.html\n[  2 ] APSA11-02\n       http://www.adobe.com/support/security/advisories/apsa11-02.html\n[  3 ] APSB11-02\n       http://www.adobe.com/support/security/bulletins/apsb11-02.html\n[  4 ] APSB11-12\n       http://www.adobe.com/support/security/bulletins/apsb11-12.html\n[  5 ] APSB11-13\n       http://www.adobe.com/support/security/bulletins/apsb11-13.html\n[  6 ] APSB11-21\n       https://www.adobe.com/support/security/bulletins/apsb11-21.html\n[  7 ] APSB11-26\n       https://www.adobe.com/support/security/bulletins/apsb11-26.html\n[  8 ] CVE-2011-0558\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558\n[  9 ] CVE-2011-0559\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559\n[ 10 ] CVE-2011-0560\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560\n[ 11 ] CVE-2011-0561\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561\n[ 12 ] CVE-2011-0571\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571\n[ 13 ] CVE-2011-0572\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572\n[ 14 ] CVE-2011-0573\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573\n[ 15 ] CVE-2011-0574\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574\n[ 16 ] CVE-2011-0575\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575\n[ 17 ] CVE-2011-0577\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577\n[ 18 ] CVE-2011-0578\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578\n[ 19 ] CVE-2011-0579\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579\n[ 20 ] CVE-2011-0589\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 21 ] CVE-2011-0607\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607\n[ 22 ] CVE-2011-0608\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608\n[ 23 ] CVE-2011-0609\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609\n[ 24 ] CVE-2011-0611\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611\n[ 25 ] CVE-2011-0618\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618\n[ 26 ] CVE-2011-0619\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619\n[ 27 ] CVE-2011-0620\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620\n[ 28 ] CVE-2011-0621\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621\n[ 29 ] CVE-2011-0622\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622\n[ 30 ] CVE-2011-0623\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623\n[ 31 ] CVE-2011-0624\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624\n[ 32 ] CVE-2011-0625\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625\n[ 33 ] CVE-2011-0626\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626\n[ 34 ] CVE-2011-0627\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627\n[ 35 ] CVE-2011-0628\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628\n[ 36 ] CVE-2011-2107\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107\n[ 37 ] CVE-2011-2110\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110\n[ 38 ] CVE-2011-2125\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 39 ] CVE-2011-2130\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 40 ] CVE-2011-2134\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 41 ] CVE-2011-2136\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 42 ] CVE-2011-2137\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 43 ] CVE-2011-2138\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 44 ] CVE-2011-2139\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 45 ] CVE-2011-2140\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 46 ] CVE-2011-2414\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 47 ] CVE-2011-2415\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 48 ] CVE-2011-2416\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 49 ] CVE-2011-2417\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 50 ] CVE-2011-2424\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 51 ] CVE-2011-2425\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 52 ] CVE-2011-2426\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426\n[ 53 ] CVE-2011-2427\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427\n[ 54 ] CVE-2011-2428\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428\n[ 55 ] CVE-2011-2429\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429\n[ 56 ] CVE-2011-2430\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430\n[ 57 ] CVE-2011-2444\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201110-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Critical: acroread security update\nAdvisory ID:       RHSA-2011:1434-01\nProduct:           Red Hat Enterprise Linux Extras\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2011-1434.html\nIssue date:        2011-11-08\nCVE Names:         CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 \n                   CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 \n                   CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 \n                   CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 \n                   CVE-2011-2424 CVE-2011-2425 CVE-2011-2426 \n                   CVE-2011-2427 CVE-2011-2428 CVE-2011-2429 \n                   CVE-2011-2430 CVE-2011-2431 CVE-2011-2432 \n                   CVE-2011-2433 CVE-2011-2434 CVE-2011-2435 \n                   CVE-2011-2436 CVE-2011-2437 CVE-2011-2438 \n                   CVE-2011-2439 CVE-2011-2440 CVE-2011-2442 \n                   CVE-2011-2444 \n=====================================================================\n\n1. Summary:\n\nUpdated acroread packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise\nLinux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Desktop version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux AS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux ES version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux WS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nAdobe Reader allows users to view and print documents in Portable Document\nFormat (PDF). \n\nThis update fixes multiple security flaws in Adobe Reader. These flaws are\ndetailed on the Adobe security page APSB11-24, listed in the References\nsection. A specially-crafted PDF file could cause Adobe Reader to crash or,\npotentially, execute arbitrary code as the user running Adobe Reader when\nopened. These flaws are detailed on the Adobe security\npages APSB11-21 and APSB11-26, listed in the References section. \n\nA PDF file with an embedded, specially-crafted SWF file could cause Adobe\nReader to crash or, potentially, execute arbitrary code as the user running\nAdobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135,\nCVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140,\nCVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424,\nCVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)\n\nA flaw in Adobe Flash Player could allow an attacker to conduct cross-site\nscripting (XSS) attacks if a victim were tricked into visiting a\nspecially-crafted web page. (CVE-2011-2429)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 9.4.6, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n729497 - CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)\n740201 - CVE-2011-2444 acroread, flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26\n740204 - CVE-2011-2429 acroread, flash-plugin: security control bypass information disclosure fixed in APSB11-26\n740388 - CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26\n749381 - acroread: multiple code execution flaws (APSB11-24)\n\n6. Package List:\n\nRed Hat Enterprise Linux AS version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Desktop version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux ES version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux WS version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-2130.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2134.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2135.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2136.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2137.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2138.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2139.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2140.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2414.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2415.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2416.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2417.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2424.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2425.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2426.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2427.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2428.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2429.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2430.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2431.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2432.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2433.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2434.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2435.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2436.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2437.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2438.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2439.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2440.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2442.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2444.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb11-21.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-24.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-26.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e.  More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2011 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFOuRkFXlSAg2UNWIIRAqaIAJoC3LKpTEj6IsfoUq9JqGuHAKt3bACfcz3q\n0+KSTL2IByBwtP8+xfPmUNE=\n=qFq6\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. ----------------------------------------------------------------------\n\nThe Secunia CSI 5.0 Beta - now available for testing\nFind out more, take a free test drive, and share your opinion with us: \nhttp://secunia.com/blog/242 \n\n----------------------------------------------------------------------\n\nTITLE:\nRed Hat update for flash-plugin\n\nSECUNIA ADVISORY ID:\nSA45593\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/45593/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45593\n\nRELEASE DATE:\n2011-08-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/45593/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/45593/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45593\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nRed Hat has issued an update for flash-plugin. This fixes multiple\nvulnerabilities, which can be exploited by malicious people to\ndisclose sensitive information and compromise a user\u0027s system. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nORIGINAL ADVISORY:\nRHSA-2011:1144-1:\nhttps://rhn.redhat.com/errata/RHSA-2011-1144.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-2417"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002159"
          },
          {
            "db": "BID",
            "id": "49084"
          },
          {
            "db": "VULHUB",
            "id": "VHN-50362"
          },
          {
            "db": "PACKETSTORM",
            "id": "103913"
          },
          {
            "db": "PACKETSTORM",
            "id": "103946"
          },
          {
            "db": "PACKETSTORM",
            "id": "105802"
          },
          {
            "db": "PACKETSTORM",
            "id": "109194"
          },
          {
            "db": "PACKETSTORM",
            "id": "106736"
          },
          {
            "db": "PACKETSTORM",
            "id": "103929"
          }
        ],
        "trust": 2.52
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2011-2417",
            "trust": 3.3
          },
          {
            "db": "BID",
            "id": "49084",
            "trust": 2.2
          },
          {
            "db": "USCERT",
            "id": "TA11-222A",
            "trust": 1.9
          },
          {
            "db": "SECUNIA",
            "id": "45529",
            "trust": 1.4
          },
          {
            "db": "SECUNIA",
            "id": "45583",
            "trust": 1.4
          },
          {
            "db": "SECUNIA",
            "id": "48308",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "45593",
            "trust": 0.9
          },
          {
            "db": "OSVDB",
            "id": "74443",
            "trust": 0.8
          },
          {
            "db": "SECTRACK",
            "id": "1025907",
            "trust": 0.8
          },
          {
            "db": "SECTRACK",
            "id": "1025914",
            "trust": 0.8
          },
          {
            "db": "USCERT",
            "id": "SA11-222A",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002159",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-190",
            "trust": 0.7
          },
          {
            "db": "BID",
            "id": "49085",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "17502",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "17880",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-50362",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "103913",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "103946",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "105802",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "109194",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "106736",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "103929",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50362"
          },
          {
            "db": "BID",
            "id": "49084"
          },
          {
            "db": "PACKETSTORM",
            "id": "103913"
          },
          {
            "db": "PACKETSTORM",
            "id": "103946"
          },
          {
            "db": "PACKETSTORM",
            "id": "105802"
          },
          {
            "db": "PACKETSTORM",
            "id": "109194"
          },
          {
            "db": "PACKETSTORM",
            "id": "106736"
          },
          {
            "db": "PACKETSTORM",
            "id": "103929"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-190"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002159"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2417"
          }
        ]
      },
      "id": "VAR-201108-0210",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50362"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T23:18:03.075000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "APSB11-21",
            "trust": 0.8,
            "url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
          },
          {
            "title": "APSB11-21 (cpsid_91448)",
            "trust": 0.8,
            "url": "http://kb2.adobe.com/jp/cps/914/cpsid_91448.html"
          },
          {
            "title": "APSB11-21",
            "trust": 0.8,
            "url": "http://www.adobe.com/jp/support/security/bulletins/apsb11-21.html"
          },
          {
            "title": "HPSBMU02769 SSRT100846",
            "trust": 0.8,
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03298151"
          },
          {
            "title": "RHSA-2011:1144",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2011-1144.html"
          },
          {
            "title": "TA11-222A",
            "trust": 0.8,
            "url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta11-222a.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002159"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50362"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002159"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2417"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.4,
            "url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
          },
          {
            "trust": 1.9,
            "url": "http://www.securityfocus.com/bid/49084"
          },
          {
            "trust": 1.9,
            "url": "http://www.us-cert.gov/cas/techalerts/ta11-222a.html"
          },
          {
            "trust": 1.4,
            "url": "http://secunia.com/advisories/45529"
          },
          {
            "trust": 1.4,
            "url": "http://secunia.com/advisories/45583"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14015"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a15998"
          },
          {
            "trust": 1.1,
            "url": "http://www.redhat.com/support/errata/rhsa-2011-1144.html"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/48308"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00006.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00007.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00008.html"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2417"
          },
          {
            "trust": 0.8,
            "url": "https://www.jpcert.or.jp/at/2011/at110022.txt"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta11-222a"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2417"
          },
          {
            "trust": 0.8,
            "url": "http://osvdb.org/74443"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/45593"
          },
          {
            "trust": 0.8,
            "url": "http://www.securitytracker.com/id?1025914"
          },
          {
            "trust": 0.8,
            "url": "http://www.securitytracker.com/id?1025907"
          },
          {
            "trust": 0.8,
            "url": "http://www.us-cert.gov/cas/alerts/sa11-222a.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.npa.go.jp/cyberpolice/#topics"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/49085"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/17502"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/17880"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
          },
          {
            "trust": 0.3,
            "url": "http://www.adobe.com"
          },
          {
            "trust": 0.3,
            "url": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_09.html"
          },
          {
            "trust": 0.3,
            "url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer"
          },
          {
            "trust": 0.3,
            "url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer2"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/css/p8/documents/100151664"
          },
          {
            "trust": 0.3,
            "url": "http://www.xerox.com/download/security/security-bulletin/1284333-14afb-4baadb5bccb00/cert_xrx12-002_v1.1.pdf"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2416"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2137"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2414"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2425"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2415"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2139"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2135"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2417"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2136"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2138"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2134"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2140"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2425.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2415.html"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/kb/docs/doc-11259"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/updates/classification/#critical"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2138.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2416.html"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2135.html"
          },
          {
            "trust": 0.2,
            "url": "https://rhn.redhat.com/errata/rhsa-2011-1144.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2137.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2140.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2130.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2414.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2139.html"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/team/key/#package"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2134.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2417.html"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2136.html"
          },
          {
            "trust": 0.2,
            "url": "http://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
          },
          {
            "trust": 0.2,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
          },
          {
            "trust": 0.2,
            "url": "https://www.adobe.com/support/security/bulletins/apsb11-26.html"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
          },
          {
            "trust": 0.2,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.2,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.1,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          },
          {
            "trust": 0.1,
            "url": "http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0579"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0624"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0627"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0622"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0626"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0608"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0574"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0625"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0575"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0558"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0572"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2444"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0607"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0623"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0560"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0620"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0621"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0560"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0609"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0624"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0626"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2107"
          },
          {
            "trust": 0.1,
            "url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2429"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2110"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0628"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0574"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0573"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0575"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0571"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0559"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2426"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0620"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0579"
          },
          {
            "trust": 0.1,
            "url": "http://www.adobe.com/support/security/bulletins/apsb11-13.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0578"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0611"
          },
          {
            "trust": 0.1,
            "url": "http://www.adobe.com/support/security/bulletins/apsb11-12.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0573"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0561"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0572"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0618"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0619"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0561"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0558"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0578"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0623"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0621"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0577"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0609"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0627"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2428"
          },
          {
            "trust": 0.1,
            "url": "http://www.adobe.com/support/security/advisories/apsa11-02.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0619"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0628"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0607"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2430"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2427"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-201110-11.xml"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0559"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0625"
          },
          {
            "trust": 0.1,
            "url": "http://www.adobe.com/support/security/advisories/apsa11-01.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0608"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0571"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0622"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0611"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0618"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0577"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2438"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2424.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2429"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2432.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2436.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2438.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2428.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2434"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2444.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2439.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2431.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2428"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2430"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2433"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2435"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2430.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2435.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2442.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2433.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2427"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2432"
          },
          {
            "trust": 0.1,
            "url": "http://www.adobe.com/support/security/bulletins/apsb11-24.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2426"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2431"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2426.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2436"
          },
          {
            "trust": 0.1,
            "url": "https://rhn.redhat.com/errata/rhsa-2011-1434.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2437.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2429.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2427.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2440.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2434.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2437"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2439"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2424"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_intelligence/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/blog/242"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45593"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/45593/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/45593/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50362"
          },
          {
            "db": "BID",
            "id": "49084"
          },
          {
            "db": "PACKETSTORM",
            "id": "103913"
          },
          {
            "db": "PACKETSTORM",
            "id": "103946"
          },
          {
            "db": "PACKETSTORM",
            "id": "105802"
          },
          {
            "db": "PACKETSTORM",
            "id": "109194"
          },
          {
            "db": "PACKETSTORM",
            "id": "106736"
          },
          {
            "db": "PACKETSTORM",
            "id": "103929"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-190"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002159"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2417"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-50362",
            "ident": null
          },
          {
            "db": "BID",
            "id": "49084",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "103913",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "103946",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "105802",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "109194",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "106736",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "103929",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-190",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002159",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2417",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2011-08-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-50362",
            "ident": null
          },
          {
            "date": "2011-08-09T00:00:00",
            "db": "BID",
            "id": "49084",
            "ident": null
          },
          {
            "date": "2011-08-11T04:36:04",
            "db": "PACKETSTORM",
            "id": "103913",
            "ident": null
          },
          {
            "date": "2011-08-12T05:17:05",
            "db": "PACKETSTORM",
            "id": "103946",
            "ident": null
          },
          {
            "date": "2011-10-14T06:16:06",
            "db": "PACKETSTORM",
            "id": "105802",
            "ident": null
          },
          {
            "date": "2012-01-31T00:07:37",
            "db": "PACKETSTORM",
            "id": "109194",
            "ident": null
          },
          {
            "date": "2011-11-08T15:21:13",
            "db": "PACKETSTORM",
            "id": "106736",
            "ident": null
          },
          {
            "date": "2011-08-11T08:17:54",
            "db": "PACKETSTORM",
            "id": "103929",
            "ident": null
          },
          {
            "date": "1900-01-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201108-190",
            "ident": null
          },
          {
            "date": "2011-08-30T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-002159",
            "ident": null
          },
          {
            "date": "2011-08-10T22:55:01.047000",
            "db": "NVD",
            "id": "CVE-2011-2417",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2018-10-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-50362",
            "ident": null
          },
          {
            "date": "2015-03-19T08:41:00",
            "db": "BID",
            "id": "49084",
            "ident": null
          },
          {
            "date": "2011-08-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201108-190",
            "ident": null
          },
          {
            "date": "2013-03-26T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-002159",
            "ident": null
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2011-2417",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "105802"
          },
          {
            "db": "PACKETSTORM",
            "id": "109194"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-190"
          }
        ],
        "trust": 0.8
      },
      "title": {
        "_id": null,
        "data": "Adobe Flash Player and  Adobe AIR Vulnerable to arbitrary code execution",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002159"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-190"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201211-0368

    Vulnerability from variot - Updated: 2026-04-10 23:18

    Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allow attackers to bypass intended access restrictions and execute arbitrary code via unspecified vectors. Adobe Flash Player Contains a vulnerability that allows access restrictions to be bypassed and arbitrary code execution.An attacker could bypass access restrictions and execute arbitrary code. Adobe Flash Player and AIR are prone to a remote code-execution vulnerability. Note: This issue was previously covered in BID 56412 (Adobe Flash Player and AIR APSB12-24 Multiple Security Vulnerabilities) but has been given its own record for better documentation. The product enables viewing of applications, content and video across screens and browsers. ----------------------------------------------------------------------

    The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/


    TITLE: Google Chrome Multiple Vulnerabilities

    SECUNIA ADVISORY ID: SA51210

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51210/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51210

    RELEASE DATE: 2012-11-07

    DISCUSS ADVISORY: http://secunia.com/advisories/51210/#comments

    AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

    http://secunia.com/advisories/51210/

    ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

    https://ca.secunia.com/?page=viewadvisory&vuln_id=51210

    ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

    http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

    DESCRIPTION: Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

    For more information: SA51213

    2) An integer overflow error exists in WebP handling.

    3) An error in v8 can be exploited to cause an out-of-bounds array access.

    4) A use-after-free error exists in SVG filter handling.

    5) An error exists related to integer boundary checks within GPU command buffers.

    6) A use-after-free error exists in video layout handling.

    7) An error exists related to inappropriate loading of SVG subresource in "img" context.

    8) A race condition error exists in Pepper buffer handling.

    9) A type casting error exists in certain input handling.

    10) An error in Skia can be exploited to cause an out-of-bounds read.

    11) An error in texture handling can be exploited to corrupt memory.

    12) A use-after-free error exists in extension tab handling.

    13) A use-after-free error exists in plug-in placeholder handling.

    14) An error in v8 can be exploited to corrupt memory.

    SOLUTION: Upgrade to version 23.0.1271.64.

    PROVIDED AND/OR DISCOVERED BY: The vendor credits: 2) Phil Turnbull 3, 6) Atte Kettunen, OUSPG. 4, 5) miaubiz 7) Felix Gr\xf6bert, Google Security Team 8) Fermin Serna, Google Security Team 9, 10, 13) Inferno, Google Chrome Security Team 11) Al Patrick, Chromium development community 12) Alexander Potapenko, Chromium development community 14) Cris Neckar, Google Chrome Security Team

    ORIGINAL ADVISORY: Google: http://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html

    OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


    About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2012:1431-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1431.html Issue date: 2012-11-07 CVE Names: CVE-2012-5274 CVE-2012-5275 CVE-2012-5276 CVE-2012-5277 CVE-2012-5278 CVE-2012-5279 CVE-2012-5280 =====================================================================

    1. Summary:

    An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.

    The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

    1. Description:

    The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB12-24, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content.

    1. Solution:

    Before applying this update, make sure all previously-released errata relevant to your system have been applied.

    This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258

    1. Bugs fixed (http://bugzilla.redhat.com/):

    873818 - flash-plugin: multiple code-execution flaws (APSB12-24)

    1. Package List:

    Red Hat Enterprise Linux Desktop Supplementary (v. 5):

    i386: flash-plugin-11.2.202.251-1.el5.i386.rpm

    x86_64: flash-plugin-11.2.202.251-1.el5.i386.rpm

    Red Hat Enterprise Linux Server Supplementary (v. 5):

    i386: flash-plugin-11.2.202.251-1.el5.i386.rpm

    x86_64: flash-plugin-11.2.202.251-1.el5.i386.rpm

    Red Hat Enterprise Linux Desktop Supplementary (v. 6):

    i386: flash-plugin-11.2.202.251-1.el6.i686.rpm

    x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm

    Red Hat Enterprise Linux Server Supplementary (v. 6):

    i386: flash-plugin-11.2.202.251-1.el6.i686.rpm

    x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm

    Red Hat Enterprise Linux Workstation Supplementary (v. 6):

    i386: flash-plugin-11.2.202.251-1.el6.i686.rpm

    x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

    1. References:

    https://www.redhat.com/security/data/cve/CVE-2012-5274.html https://www.redhat.com/security/data/cve/CVE-2012-5275.html https://www.redhat.com/security/data/cve/CVE-2012-5276.html https://www.redhat.com/security/data/cve/CVE-2012-5277.html https://www.redhat.com/security/data/cve/CVE-2012-5278.html https://www.redhat.com/security/data/cve/CVE-2012-5279.html https://www.redhat.com/security/data/cve/CVE-2012-5280.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb12-24.html

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)

    iD8DBQFQmiFjXlSAg2UNWIIRAi97AKClBeUc3AMPcWNkYfME6ndKJqg18ACdGuPH wmLm/s5nqgvfyTp8wUW9wVE= =fVdJ -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .

    Background

    The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.

    Impact

    A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Adobe Flash Player users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"

    References

    [ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201309-06.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5 . 7) Eduardo Vela Nava, Google Security Team

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.2.202.251"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.4"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.1.115.27"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.5.502.110"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.1.111.24"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.3.183.43"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "3.5.0.600"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "3.5.0.600"
          },
          {
            "_id": null,
            "model": "windows",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "android)"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "macintosh"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(android 2.x    3.x)"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(android 4.x)"
          },
          {
            "_id": null,
            "model": "internet explorer",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "10 (adobe flash player 11.3.376.12"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.x (linux)"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(windows"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(windows"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "3.5.0.600"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.1.115.27"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "macintosh"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.2.202.251"
          },
          {
            "_id": null,
            "model": "internet explorer",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(air for ios include )"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "3.5.0.600"
          },
          {
            "_id": null,
            "model": "windows 8",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "for 32-bit systems (adobe flash player 11.3.376.12"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.5.502.110"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "google",
            "version": "23.0.1271.64"
          },
          {
            "_id": null,
            "model": "windows server",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.x (windows    macintosh)"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "linux)"
          },
          {
            "_id": null,
            "model": "windows 8",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "10.3.183.43"
          },
          {
            "_id": null,
            "model": "windows server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "2012 (adobe flash player 11.3.376.12"
          },
          {
            "_id": null,
            "model": "windows",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "rt (adobe flash player 11.3.376.12"
          },
          {
            "_id": null,
            "model": "windows 8",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "for 64-bit systems (adobe flash player 11.3.376.12"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.1.111.24"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "3.4.0.2540"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "1.5.3.9120"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "1.0.4990"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "1.5.1"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "3.4.0.2540"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "1.0.1"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "1.5.2"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "1.5.3"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "1.5.0.7220"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "12.1"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11.4"
          },
          {
            "_id": null,
            "model": "hat enterprise linux workstation supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux supplementary server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop supplementary client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opensuse",
            "version": "12.2"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "56547"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201211-135"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005274"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-5278"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:google:chrome",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:adobe_air",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:adobe_air_sdk",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:flash_player",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:microsoft:internet_explorer",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_8",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_server",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005274"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Secunia",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "118097"
          },
          {
            "db": "PACKETSTORM",
            "id": "117944"
          },
          {
            "db": "PACKETSTORM",
            "id": "117963"
          },
          {
            "db": "PACKETSTORM",
            "id": "117960"
          },
          {
            "db": "PACKETSTORM",
            "id": "117961"
          }
        ],
        "trust": 0.5
      },
      "cve": "CVE-2012-5278",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2012-5278",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-58559",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2012-5278",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2012-5278",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201211-135",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-58559",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-58559"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201211-135"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005274"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-5278"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allow attackers to bypass intended access restrictions and execute arbitrary code via unspecified vectors. Adobe Flash Player Contains a vulnerability that allows access restrictions to be bypassed and arbitrary code execution.An attacker could bypass access restrictions and execute arbitrary code. Adobe Flash Player and AIR are prone to a remote code-execution vulnerability. \nNote: This issue was previously covered in BID 56412 (Adobe Flash Player and AIR APSB12-24 Multiple Security Vulnerabilities) but has been given its own record for better documentation. The product enables viewing of applications, content and video across screens and browsers. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nGoogle Chrome Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA51210\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/51210/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51210\n\nRELEASE DATE:\n2012-11-07\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/51210/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/51210/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51210\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Google Chrome, which\ncan be exploited by malicious people to bypass certain security\nrestrictions and compromise a user\u0027s system. \n\nFor more information:\nSA51213\n\n2) An integer overflow error exists in WebP handling. \n\n3) An error in v8 can be exploited to cause an out-of-bounds array\naccess. \n\n4) A use-after-free error exists in SVG filter handling. \n\n5) An error exists related to integer boundary checks within GPU\ncommand buffers. \n\n6) A use-after-free error exists in video layout handling. \n\n7) An error exists related to inappropriate loading of SVG\nsubresource in \"img\" context. \n\n8) A race condition error exists in Pepper buffer handling. \n\n9) A type casting error exists in certain input handling. \n\n10) An error in Skia can be exploited to cause an out-of-bounds\nread. \n\n11) An error in texture handling can be exploited to corrupt memory. \n\n12) A use-after-free error exists in extension tab handling. \n\n13) A use-after-free error exists in plug-in placeholder handling. \n\n14) An error in v8 can be exploited to corrupt memory. \n\nSOLUTION:\nUpgrade to version 23.0.1271.64. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n2) Phil Turnbull\n3, 6) Atte Kettunen, OUSPG. \n4, 5) miaubiz\n7) Felix Gr\\xf6bert, Google Security Team\n8) Fermin Serna, Google Security Team\n9, 10, 13) Inferno, Google Chrome Security Team\n11) Al Patrick, Chromium development community\n12) Alexander Potapenko, Chromium development community\n14) Cris Neckar, Google Chrome Security Team\n\nORIGINAL ADVISORY:\nGoogle:\nhttp://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Critical: flash-plugin security update\nAdvisory ID:       RHSA-2012:1431-01\nProduct:           Red Hat Enterprise Linux Extras\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2012-1431.html\nIssue date:        2012-11-07\nCVE Names:         CVE-2012-5274 CVE-2012-5275 CVE-2012-5276 \n                   CVE-2012-5277 CVE-2012-5278 CVE-2012-5279 \n                   CVE-2012-5280 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB12-24,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n873818 - flash-plugin: multiple code-execution flaws (APSB12-24)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2012-5274.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5275.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5276.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5277.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5278.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5279.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5280.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb12-24.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e.  More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFQmiFjXlSAg2UNWIIRAi97AKClBeUc3AMPcWNkYfME6ndKJqg18ACdGuPH\nwmLm/s5nqgvfyTp8wUW9wVE=\n=fVdJ\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[   1 ] CVE-2012-5248\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[   2 ] CVE-2012-5248\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[   3 ] CVE-2012-5249\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[   4 ] CVE-2012-5249\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[   5 ] CVE-2012-5250\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[   6 ] CVE-2012-5250\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[   7 ] CVE-2012-5251\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[   8 ] CVE-2012-5251\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[   9 ] CVE-2012-5252\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[  10 ] CVE-2012-5252\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[  11 ] CVE-2012-5253\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[  12 ] CVE-2012-5253\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[  13 ] CVE-2012-5254\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[  14 ] CVE-2012-5254\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[  15 ] CVE-2012-5255\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[  16 ] CVE-2012-5255\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[  17 ] CVE-2012-5256\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[  18 ] CVE-2012-5256\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[  19 ] CVE-2012-5257\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[  20 ] CVE-2012-5257\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[  21 ] CVE-2012-5258\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[  22 ] CVE-2012-5258\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[  23 ] CVE-2012-5259\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[  24 ] CVE-2012-5259\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[  25 ] CVE-2012-5260\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[  26 ] CVE-2012-5260\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[  27 ] CVE-2012-5261\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[  28 ] CVE-2012-5261\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[  29 ] CVE-2012-5262\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[  30 ] CVE-2012-5262\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[  31 ] CVE-2012-5263\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[  32 ] CVE-2012-5263\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[  33 ] CVE-2012-5264\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[  34 ] CVE-2012-5264\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[  35 ] CVE-2012-5265\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[  36 ] CVE-2012-5265\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[  37 ] CVE-2012-5266\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[  38 ] CVE-2012-5266\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[  39 ] CVE-2012-5267\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[  40 ] CVE-2012-5267\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[  41 ] CVE-2012-5268\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[  42 ] CVE-2012-5268\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[  43 ] CVE-2012-5269\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[  44 ] CVE-2012-5269\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[  45 ] CVE-2012-5270\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[  46 ] CVE-2012-5270\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[  47 ] CVE-2012-5271\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[  48 ] CVE-2012-5271\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[  49 ] CVE-2012-5272\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[  50 ] CVE-2012-5272\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[  51 ] CVE-2012-5274\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[  52 ] CVE-2012-5275\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[  53 ] CVE-2012-5276\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[  54 ] CVE-2012-5277\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[  55 ] CVE-2012-5278\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[  56 ] CVE-2012-5279\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[  57 ] CVE-2012-5280\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[  58 ] CVE-2012-5676\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[  59 ] CVE-2012-5677\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[  60 ] CVE-2012-5678\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[  61 ] CVE-2013-0504\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[  62 ] CVE-2013-0630\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[  63 ] CVE-2013-0633\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[  64 ] CVE-2013-0634\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[  65 ] CVE-2013-0637\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[  66 ] CVE-2013-0638\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[  67 ] CVE-2013-0639\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[  68 ] CVE-2013-0642\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[  69 ] CVE-2013-0643\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[  70 ] CVE-2013-0644\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[  71 ] CVE-2013-0645\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[  72 ] CVE-2013-0646\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[  73 ] CVE-2013-0647\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[  74 ] CVE-2013-0648\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[  75 ] CVE-2013-0649\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[  76 ] CVE-2013-0650\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[  77 ] CVE-2013-1365\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[  78 ] CVE-2013-1366\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[  79 ] CVE-2013-1367\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[  80 ] CVE-2013-1368\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[  81 ] CVE-2013-1369\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[  82 ] CVE-2013-1370\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[  83 ] CVE-2013-1371\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[  84 ] CVE-2013-1372\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[  85 ] CVE-2013-1373\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[  86 ] CVE-2013-1374\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[  87 ] CVE-2013-1375\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[  88 ] CVE-2013-1378\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[  89 ] CVE-2013-1379\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[  90 ] CVE-2013-1380\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[  91 ] CVE-2013-2555\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[  92 ] CVE-2013-2728\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[  93 ] CVE-2013-3343\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[  94 ] CVE-2013-3344\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[  95 ] CVE-2013-3345\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[  96 ] CVE-2013-3347\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[  97 ] CVE-2013-3361\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[  98 ] CVE-2013-3362\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[  99 ] CVE-2013-3363\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n7) Eduardo Vela Nava, Google Security Team",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-5278"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005274"
          },
          {
            "db": "BID",
            "id": "56547"
          },
          {
            "db": "VULHUB",
            "id": "VHN-58559"
          },
          {
            "db": "PACKETSTORM",
            "id": "118097"
          },
          {
            "db": "PACKETSTORM",
            "id": "117944"
          },
          {
            "db": "PACKETSTORM",
            "id": "117963"
          },
          {
            "db": "PACKETSTORM",
            "id": "117960"
          },
          {
            "db": "PACKETSTORM",
            "id": "117947"
          },
          {
            "db": "PACKETSTORM",
            "id": "123225"
          },
          {
            "db": "PACKETSTORM",
            "id": "117961"
          }
        ],
        "trust": 2.61
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2012-5278",
            "trust": 3.0
          },
          {
            "db": "SECUNIA",
            "id": "51186",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "51207",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "51213",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "51245",
            "trust": 1.2
          },
          {
            "db": "SECTRACK",
            "id": "1027730",
            "trust": 1.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005274",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201211-135",
            "trust": 0.7
          },
          {
            "db": "SECUNIA",
            "id": "51210",
            "trust": 0.7
          },
          {
            "db": "BID",
            "id": "56547",
            "trust": 0.4
          },
          {
            "db": "VULHUB",
            "id": "VHN-58559",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "118097",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "117944",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "117963",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "117960",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "117947",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "123225",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "117961",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-58559"
          },
          {
            "db": "BID",
            "id": "56547"
          },
          {
            "db": "PACKETSTORM",
            "id": "118097"
          },
          {
            "db": "PACKETSTORM",
            "id": "117944"
          },
          {
            "db": "PACKETSTORM",
            "id": "117963"
          },
          {
            "db": "PACKETSTORM",
            "id": "117960"
          },
          {
            "db": "PACKETSTORM",
            "id": "117947"
          },
          {
            "db": "PACKETSTORM",
            "id": "123225"
          },
          {
            "db": "PACKETSTORM",
            "id": "117961"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201211-135"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005274"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-5278"
          }
        ]
      },
      "id": "VAR-201211-0368",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-58559"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T23:18:01.678000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "APSB12-24",
            "trust": 0.8,
            "url": "http://www.adobe.com/support/security/bulletins/apsb12-24.html"
          },
          {
            "title": "APSB12-24 (cq11061810)",
            "trust": 0.8,
            "url": "http://helpx.adobe.com/jp/flash-player/kb/cq11061810.html"
          },
          {
            "title": "APSB12-24",
            "trust": 0.8,
            "url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-24.html"
          },
          {
            "title": "Google Chrome",
            "trust": 0.8,
            "url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
          },
          {
            "title": "Stable Channel Release and Beta Channel Update",
            "trust": 0.8,
            "url": "http://googlechromereleases.blogspot.jp/2012/11/stable-channel-release-and-beta-channel.html"
          },
          {
            "title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
            "trust": 0.8,
            "url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
          },
          {
            "title": "openSUSE-SU-2012:1480",
            "trust": 0.8,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00005.html"
          },
          {
            "title": "SUSE-SU-2012:1485",
            "trust": 0.8,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00007.html"
          },
          {
            "title": "RHSA-2012:1431",
            "trust": 0.8,
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1431.html"
          },
          {
            "title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
            "trust": 0.8,
            "url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
          },
          {
            "title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
            "trust": 0.8,
            "url": "http://www.fmworld.net/biz/common/adobe/20121113f.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005274"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-264",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-58559"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005274"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-5278"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 1.9,
            "url": "http://www.adobe.com/support/security/bulletins/apsb12-24.html"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/51186"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/51207"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/51213"
          },
          {
            "trust": 1.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2012-1431.html"
          },
          {
            "trust": 1.2,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00005.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1027730"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/51245"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00007.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00012.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00030.html"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79851"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5278"
          },
          {
            "trust": 0.8,
            "url": "http://www.ipa.go.jp/security/ciadr/vul/20121107-adobeflashplayer.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.jpcert.or.jp/at/2012/at120034.txt"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5278"
          },
          {
            "trust": 0.8,
            "url": "http://www.npa.go.jp/cyberpolice/#topics"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/51210"
          },
          {
            "trust": 0.5,
            "url": "http://secunia.com/vulnerability_intelligence/"
          },
          {
            "trust": 0.5,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.5,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.5,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.5,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.5,
            "url": "http://secunia.com/blog/325/"
          },
          {
            "trust": 0.5,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          },
          {
            "trust": 0.3,
            "url": "http://www.adobe.com/products/flash/"
          },
          {
            "trust": 0.3,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/51245/"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51245"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/51245/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/51207/"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51207"
          },
          {
            "trust": 0.1,
            "url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/51207/#comments"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51186"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/51186/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/51186/"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51210"
          },
          {
            "trust": 0.1,
            "url": "http://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/51210/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/51210/"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5278.html"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#critical"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5277.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5275.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5280"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5274"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5279.html"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5275"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5278"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5280.html"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/knowledge/articles/11258"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5276.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5279"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/key/#package"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5274.html"
          },
          {
            "trust": 0.1,
            "url": "http://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5276"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5277"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/51213/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/51213/#comments"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51213"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-58559"
          },
          {
            "db": "BID",
            "id": "56547"
          },
          {
            "db": "PACKETSTORM",
            "id": "118097"
          },
          {
            "db": "PACKETSTORM",
            "id": "117944"
          },
          {
            "db": "PACKETSTORM",
            "id": "117963"
          },
          {
            "db": "PACKETSTORM",
            "id": "117960"
          },
          {
            "db": "PACKETSTORM",
            "id": "117947"
          },
          {
            "db": "PACKETSTORM",
            "id": "123225"
          },
          {
            "db": "PACKETSTORM",
            "id": "117961"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201211-135"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005274"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-5278"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-58559",
            "ident": null
          },
          {
            "db": "BID",
            "id": "56547",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "118097",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "117944",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "117963",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "117960",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "117947",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "123225",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "117961",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201211-135",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005274",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2012-5278",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2012-11-07T00:00:00",
            "db": "VULHUB",
            "id": "VHN-58559",
            "ident": null
          },
          {
            "date": "2012-11-06T00:00:00",
            "db": "BID",
            "id": "56547",
            "ident": null
          },
          {
            "date": "2012-11-14T06:05:43",
            "db": "PACKETSTORM",
            "id": "118097",
            "ident": null
          },
          {
            "date": "2012-11-07T04:12:41",
            "db": "PACKETSTORM",
            "id": "117944",
            "ident": null
          },
          {
            "date": "2012-11-08T11:19:24",
            "db": "PACKETSTORM",
            "id": "117963",
            "ident": null
          },
          {
            "date": "2012-11-08T11:19:15",
            "db": "PACKETSTORM",
            "id": "117960",
            "ident": null
          },
          {
            "date": "2012-11-08T00:12:49",
            "db": "PACKETSTORM",
            "id": "117947",
            "ident": null
          },
          {
            "date": "2013-09-14T15:19:13",
            "db": "PACKETSTORM",
            "id": "123225",
            "ident": null
          },
          {
            "date": "2012-11-08T11:19:18",
            "db": "PACKETSTORM",
            "id": "117961",
            "ident": null
          },
          {
            "date": "2012-11-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201211-135",
            "ident": null
          },
          {
            "date": "2012-11-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-005274",
            "ident": null
          },
          {
            "date": "2012-11-07T05:41:22.223000",
            "db": "NVD",
            "id": "CVE-2012-5278",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2018-12-04T00:00:00",
            "db": "VULHUB",
            "id": "VHN-58559",
            "ident": null
          },
          {
            "date": "2015-03-19T09:38:00",
            "db": "BID",
            "id": "56547",
            "ident": null
          },
          {
            "date": "2012-11-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201211-135",
            "ident": null
          },
          {
            "date": "2012-12-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-005274",
            "ident": null
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2012-5278",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201211-135"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Adobe Flash Player Vulnerable to access restrictions",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005274"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "permissions and access control",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201211-135"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201212-0238

    Vulnerability from variot - Updated: 2026-04-10 23:17

    Integer overflow in Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 on Windows, before 10.3.183.48 and 11.x before 11.5.502.136 on Mac OS X, before 10.3.183.48 and 11.x before 11.2.202.258 on Linux, before 11.1.111.29 on Android 2.x and 3.x, and before 11.1.115.34 on Android 4.x; Adobe AIR before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X; and Adobe AIR SDK before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X allows attackers to execute arbitrary code via unspecified vectors. Adobe Flash Player and Adobe AIR Contains an integer overflow vulnerability.An attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the loadPCMFromByteArray function in the flash.media.Sound object. When this function is called with a high number of 'samples' an integer overflow occurs during the calculation of a buffer size. This can lead to memory corruption that can result in remote code execution under the context of the current user. Failed exploit attempts will likely result in denial-of-service conditions. AIR is a technology developed for the combination of network and desktop applications, which can control cloud programs on the network without going through a browser. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2012:1569-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1569.html Issue date: 2012-12-12 CVE Names: CVE-2012-5676 CVE-2012-5677 CVE-2012-5678 =====================================================================

    1. Summary:

    An updated Adobe Flash Player package that fixes three security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.

    The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

    1. These vulnerabilities are detailed in the Adobe Security bulletin APSB12-27, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content.

    2. Solution:

    Before applying this update, make sure all previously-released errata relevant to your system have been applied.

    This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258

    1. Bugs fixed (http://bugzilla.redhat.com/):

    886200 - CVE-2012-5676 CVE-2012-5677 CVE-2012-5678 flash-plugin: multiple code execution flaws (APSB12-27)

    1. Package List:

    Red Hat Enterprise Linux Desktop Supplementary (v. 5):

    i386: flash-plugin-11.2.202.258-1.el5.i386.rpm

    x86_64: flash-plugin-11.2.202.258-1.el5.i386.rpm

    Red Hat Enterprise Linux Server Supplementary (v. 5):

    i386: flash-plugin-11.2.202.258-1.el5.i386.rpm

    x86_64: flash-plugin-11.2.202.258-1.el5.i386.rpm

    Red Hat Enterprise Linux Desktop Supplementary (v. 6):

    i386: flash-plugin-11.2.202.258-1.el6.i686.rpm

    x86_64: flash-plugin-11.2.202.258-1.el6.i686.rpm

    Red Hat Enterprise Linux Server Supplementary (v. 6):

    i386: flash-plugin-11.2.202.258-1.el6.i686.rpm

    x86_64: flash-plugin-11.2.202.258-1.el6.i686.rpm

    Red Hat Enterprise Linux Workstation Supplementary (v. 6):

    i386: flash-plugin-11.2.202.258-1.el6.i686.rpm

    x86_64: flash-plugin-11.2.202.258-1.el6.i686.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

    1. References:

    https://www.redhat.com/security/data/cve/CVE-2012-5676.html https://www.redhat.com/security/data/cve/CVE-2012-5677.html https://www.redhat.com/security/data/cve/CVE-2012-5678.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb12-27.html

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)

    iD8DBQFQyGJhXlSAg2UNWIIRAk+fAKCpyAfEImLmpa5GDhDn0qVwDT1aOgCeKWVK /I7KAaTWEKnqdTF2Qa3rwWs= =0jAo -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ----------------------------------------------------------------------

    The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/


    TITLE: Adobe Flash Player / AIR Multiple Vulnerabilities

    SECUNIA ADVISORY ID: SA51560

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51560/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51560

    RELEASE DATE: 2012-12-12

    DISCUSS ADVISORY: http://secunia.com/advisories/51560/#comments

    AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

    http://secunia.com/advisories/51560/

    ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

    https://ca.secunia.com/?page=viewadvisory&vuln_id=51560

    ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

    http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

    DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player and Adobe AIR, which can be exploited by malicious people to compromise a user's system.

    1) An unspecified error exists and can be exploited to cause a buffer overflow.

    2) An integer overflow error exists and can be exploited to corrupt memory.

    3) An unspecified error exists and can be exploited to corrupt memory. * Adobe AIR version 3.5.0.600 and earlier for Windows and Macintosh.

    SOLUTION: Apply updates.

    Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna, Google Security Team 2) An anonymous person via ZDI 3) Tavis Ormandy, Google Security Team

    ORIGINAL ADVISORY: Adobe (APSB12-27): http://www.adobe.com/support/security/bulletins/apsb12-27.html

    OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


    About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    .

    Background

    The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.

    Impact

    A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Adobe Flash Player users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"

    References

    [ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201309-06.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.5.502.136"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.2.202.258"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.1.111.29"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "3.5.0.890"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.2"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "3.5.0.880"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "3.5.0.890"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.5.502.135"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "3.5.0.880"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.1.115.34"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.5"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.3.183.48"
          },
          {
            "_id": null,
            "model": "windows",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "10.3.183.48"
          },
          {
            "_id": null,
            "model": "internet explorer",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "10 (adobe flash player 11.3.377.15"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(android 2.x    3.x)"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(air for ios include ) (macintosh)"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(android 4.x)"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "3.5.0.890"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.x (linux)"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.5.502.136"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(windows"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(macintosh)"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "google",
            "version": "23.0.1271.97"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "3.5.0.890"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "3.5.0.880"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "macintosh"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(windows    android)"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.x (windows)"
          },
          {
            "_id": null,
            "model": "internet explorer",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "windows",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "8 for 64-bit systems (adobe flash player 11.3.377.15"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "3.5.0.880"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.2.202.258"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(air for ios include ) (windows)"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.5.502.135"
          },
          {
            "_id": null,
            "model": "windows server",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "windows",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "rt (adobe flash player 11.3.377.15"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.1.115.34"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "linux)"
          },
          {
            "_id": null,
            "model": "windows",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "8 for 32-bit systems (adobe flash player 11.3.377.15"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.1.111.29"
          },
          {
            "_id": null,
            "model": "windows server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "2012 (adobe flash player 11.3.377.15"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.x (macintosh)"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": null,
            "trust": 0.7,
            "vendor": "adobe",
            "version": null
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.0.12.36"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.0.42.34"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.0.2.54"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "9.0.280"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.0.22.87"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.0.0.584"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.0.12.10"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "9.0.9.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.0.32.18"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.0.45.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "17.0.963.83"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "3.2.0.2080"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.57"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "12.0.742.100"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "11.1.102.55"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "18.0.1025.168"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.43"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "3.2.0.2070"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "16.0.912.75"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "17.0.963.60"
          },
          {
            "_id": null,
            "model": "flash player for android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "11.1.102.59"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "13"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "11.1.115.6"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "19.0.1084.52"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10.0.648.204"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10.0.648.128"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "11.1.111.9"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "2.0.172.43"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "11.1.111.6"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "11.1.102.63"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "3.1.0.4880"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "11.2.202.228"
          },
          {
            "_id": null,
            "model": "hat enterprise linux supplementary server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10.0.648.127"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.65"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "11.1.112.61"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "18.0.1025.142"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11.4"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "11.1.111.8"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "11.1.111.5"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "16.0.91275"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "17.0.96379"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "2.0.172.33"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "12.0.742.112"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.71"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "11.1.102.62"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "11.1.111.7"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "11.2.202.235"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "11.1.102.228"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "12.0.742.91"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "17.0.963.78"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "11.2.202.233"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "17.0.963.56"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "2.0.172.37"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "13.0.782.107"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "15.0.874.120"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "14"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.77"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "16"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "17.0.96365"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "19"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "11.2.202.229"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "11.1.115.8"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "2.0.172.31"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.68"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.672.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "11.0.1.152"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "15.0.874.121"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "12"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "14.0.835.163"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "12.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "16.0.912.77"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "18.0.1025.151"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "18.0.1025.162"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "13.0.782.112"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop supplementary client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "11.1.115.7"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "15.0.874102"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10.0.648.133"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "13.0.782.215"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10.0.648.205"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "14.0.835.186"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "11.2.202.223"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "17.0.963.46"
          },
          {
            "_id": null,
            "model": "flash player for android",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "11.0.1.153"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "16.0.912.63"
          },
          {
            "_id": null,
            "model": "hat enterprise linux workstation supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "14.0.835.202"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "2.0.172.30"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-13-021"
          },
          {
            "db": "BID",
            "id": "56896"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201212-158"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005699"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-5677"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:google:chrome",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:adobe_air",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:adobe_air_sdk",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:flash_player",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:microsoft:internet_explorer",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_server",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005699"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "An anonymous contributor through Tipping Point\u0027s Zero Day Initiative.",
        "sources": [
          {
            "db": "BID",
            "id": "56896"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201212-158"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2012-5677",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2012-5677",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "ZDI",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2012-5677",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "HIGH",
                "trust": 0.7,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-58958",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2012-5677",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2012-5677",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "ZDI",
                "id": "CVE-2012-5677",
                "trust": 0.7,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201212-158",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-58958",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2012-5677",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-13-021"
          },
          {
            "db": "VULHUB",
            "id": "VHN-58958"
          },
          {
            "db": "VULMON",
            "id": "CVE-2012-5677"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201212-158"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005699"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-5677"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Integer overflow in Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 on Windows, before 10.3.183.48 and 11.x before 11.5.502.136 on Mac OS X, before 10.3.183.48 and 11.x before 11.2.202.258 on Linux, before 11.1.111.29 on Android 2.x and 3.x, and before 11.1.115.34 on Android 4.x; Adobe AIR before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X; and Adobe AIR SDK before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X allows attackers to execute arbitrary code via unspecified vectors. Adobe Flash Player and Adobe AIR Contains an integer overflow vulnerability.An attacker could execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the loadPCMFromByteArray function in the flash.media.Sound object. When this function is called with a high number of \u0027samples\u0027 an integer overflow occurs during the calculation of a buffer size. This can lead to memory corruption that can result in remote code execution under the context of the current user. Failed exploit  attempts will likely result in denial-of-service conditions. AIR is a technology developed for the combination of network and desktop applications, which can control cloud programs on the network without going through a browser. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Critical: flash-plugin security update\nAdvisory ID:       RHSA-2012:1569-01\nProduct:           Red Hat Enterprise Linux Extras\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2012-1569.html\nIssue date:        2012-12-12\nCVE Names:         CVE-2012-5676 CVE-2012-5677 CVE-2012-5678 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes three security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB12-27,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n886200 - CVE-2012-5676 CVE-2012-5677 CVE-2012-5678 flash-plugin: multiple code execution flaws (APSB12-27)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.258-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.258-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.258-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.258-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.258-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.258-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.258-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.258-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.258-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.258-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2012-5676.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5677.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5678.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb12-27.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e.  More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFQyGJhXlSAg2UNWIIRAk+fAKCpyAfEImLmpa5GDhDn0qVwDT1aOgCeKWVK\n/I7KAaTWEKnqdTF2Qa3rwWs=\n=0jAo\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player / AIR Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA51560\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/51560/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51560\n\nRELEASE DATE:\n2012-12-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/51560/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/51560/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51560\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Flash Player and\nAdobe AIR, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\n1) An unspecified error exists and can be exploited to cause a buffer\noverflow. \n\n2) An integer overflow error exists and can be exploited to corrupt\nmemory. \n\n3) An unspecified error exists and can be exploited to corrupt\nmemory. \n* Adobe AIR version 3.5.0.600 and earlier for Windows and Macintosh. \n\nSOLUTION:\nApply updates. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n1) Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna, Google\nSecurity Team\n2) An anonymous person via ZDI\n3) Tavis Ormandy, Google Security Team\n\nORIGINAL ADVISORY:\nAdobe (APSB12-27):\nhttp://www.adobe.com/support/security/bulletins/apsb12-27.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[   1 ] CVE-2012-5248\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[   2 ] CVE-2012-5248\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[   3 ] CVE-2012-5249\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[   4 ] CVE-2012-5249\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[   5 ] CVE-2012-5250\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[   6 ] CVE-2012-5250\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[   7 ] CVE-2012-5251\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[   8 ] CVE-2012-5251\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[   9 ] CVE-2012-5252\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[  10 ] CVE-2012-5252\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[  11 ] CVE-2012-5253\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[  12 ] CVE-2012-5253\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[  13 ] CVE-2012-5254\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[  14 ] CVE-2012-5254\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[  15 ] CVE-2012-5255\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[  16 ] CVE-2012-5255\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[  17 ] CVE-2012-5256\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[  18 ] CVE-2012-5256\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[  19 ] CVE-2012-5257\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[  20 ] CVE-2012-5257\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[  21 ] CVE-2012-5258\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[  22 ] CVE-2012-5258\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[  23 ] CVE-2012-5259\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[  24 ] CVE-2012-5259\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[  25 ] CVE-2012-5260\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[  26 ] CVE-2012-5260\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[  27 ] CVE-2012-5261\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[  28 ] CVE-2012-5261\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[  29 ] CVE-2012-5262\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[  30 ] CVE-2012-5262\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[  31 ] CVE-2012-5263\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[  32 ] CVE-2012-5263\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[  33 ] CVE-2012-5264\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[  34 ] CVE-2012-5264\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[  35 ] CVE-2012-5265\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[  36 ] CVE-2012-5265\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[  37 ] CVE-2012-5266\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[  38 ] CVE-2012-5266\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[  39 ] CVE-2012-5267\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[  40 ] CVE-2012-5267\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[  41 ] CVE-2012-5268\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[  42 ] CVE-2012-5268\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[  43 ] CVE-2012-5269\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[  44 ] CVE-2012-5269\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[  45 ] CVE-2012-5270\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[  46 ] CVE-2012-5270\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[  47 ] CVE-2012-5271\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[  48 ] CVE-2012-5271\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[  49 ] CVE-2012-5272\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[  50 ] CVE-2012-5272\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[  51 ] CVE-2012-5274\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[  52 ] CVE-2012-5275\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[  53 ] CVE-2012-5276\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[  54 ] CVE-2012-5277\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[  55 ] CVE-2012-5278\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[  56 ] CVE-2012-5279\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[  57 ] CVE-2012-5280\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[  58 ] CVE-2012-5676\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[  59 ] CVE-2012-5677\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[  60 ] CVE-2012-5678\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[  61 ] CVE-2013-0504\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[  62 ] CVE-2013-0630\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[  63 ] CVE-2013-0633\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[  64 ] CVE-2013-0634\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[  65 ] CVE-2013-0637\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[  66 ] CVE-2013-0638\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[  67 ] CVE-2013-0639\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[  68 ] CVE-2013-0642\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[  69 ] CVE-2013-0643\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[  70 ] CVE-2013-0644\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[  71 ] CVE-2013-0645\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[  72 ] CVE-2013-0646\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[  73 ] CVE-2013-0647\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[  74 ] CVE-2013-0648\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[  75 ] CVE-2013-0649\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[  76 ] CVE-2013-0650\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[  77 ] CVE-2013-1365\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[  78 ] CVE-2013-1366\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[  79 ] CVE-2013-1367\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[  80 ] CVE-2013-1368\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[  81 ] CVE-2013-1369\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[  82 ] CVE-2013-1370\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[  83 ] CVE-2013-1371\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[  84 ] CVE-2013-1372\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[  85 ] CVE-2013-1373\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[  86 ] CVE-2013-1374\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[  87 ] CVE-2013-1375\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[  88 ] CVE-2013-1378\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[  89 ] CVE-2013-1379\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[  90 ] CVE-2013-1380\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[  91 ] CVE-2013-2555\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[  92 ] CVE-2013-2728\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[  93 ] CVE-2013-3343\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[  94 ] CVE-2013-3344\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[  95 ] CVE-2013-3345\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[  96 ] CVE-2013-3347\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[  97 ] CVE-2013-3361\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[  98 ] CVE-2013-3362\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[  99 ] CVE-2013-3363\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-5677"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005699"
          },
          {
            "db": "ZDI",
            "id": "ZDI-13-021"
          },
          {
            "db": "BID",
            "id": "56896"
          },
          {
            "db": "VULHUB",
            "id": "VHN-58958"
          },
          {
            "db": "VULMON",
            "id": "CVE-2012-5677"
          },
          {
            "db": "PACKETSTORM",
            "id": "118801"
          },
          {
            "db": "PACKETSTORM",
            "id": "118797"
          },
          {
            "db": "PACKETSTORM",
            "id": "123225"
          }
        ],
        "trust": 2.97
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2012-5677",
            "trust": 3.8
          },
          {
            "db": "ZDI",
            "id": "ZDI-13-021",
            "trust": 1.0
          },
          {
            "db": "BID",
            "id": "56896",
            "trust": 1.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005699",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-1582",
            "trust": 0.7
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201212-158",
            "trust": 0.7
          },
          {
            "db": "SECUNIA",
            "id": "51560",
            "trust": 0.7
          },
          {
            "db": "SECUNIA",
            "id": "51549",
            "trust": 0.6
          },
          {
            "db": "SECUNIA",
            "id": "51536",
            "trust": 0.6
          },
          {
            "db": "SECUNIA",
            "id": "51526",
            "trust": 0.6
          },
          {
            "db": "SEEBUG",
            "id": "SSVID-60512",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-58958",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2012-5677",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "118801",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "118797",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "123225",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-13-021"
          },
          {
            "db": "VULHUB",
            "id": "VHN-58958"
          },
          {
            "db": "VULMON",
            "id": "CVE-2012-5677"
          },
          {
            "db": "BID",
            "id": "56896"
          },
          {
            "db": "PACKETSTORM",
            "id": "118801"
          },
          {
            "db": "PACKETSTORM",
            "id": "118797"
          },
          {
            "db": "PACKETSTORM",
            "id": "123225"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201212-158"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005699"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-5677"
          }
        ]
      },
      "id": "VAR-201212-0238",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-58958"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T23:17:27.170000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "APSB12-27",
            "trust": 1.5,
            "url": "http://www.adobe.com/support/security/bulletins/apsb12-27.html"
          },
          {
            "title": "APSB12-27 (cq11281733)",
            "trust": 0.8,
            "url": "http://helpx.adobe.com/jp/flash-player/kb/cq11281733.html"
          },
          {
            "title": "Google Chrome",
            "trust": 0.8,
            "url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
          },
          {
            "title": "Stable Channel Update",
            "trust": 0.8,
            "url": "http://googlechromereleases.blogspot.jp/2012/12/stable-channel-update.html"
          },
          {
            "title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
            "trust": 0.8,
            "url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
          },
          {
            "title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
            "trust": 0.8,
            "url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
          },
          {
            "title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
            "trust": 0.8,
            "url": "http://www.fmworld.net/biz/common/adobe/20121213f.html"
          },
          {
            "title": "install_flash_player_11_linux.i386",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=45462"
          },
          {
            "title": "install_flash_player_osx",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=45461"
          },
          {
            "title": "install_flashplayer11x32_mssd_aih",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=45460"
          },
          {
            "title": "Red Hat: Critical: flash-plugin security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20121569 - Security Advisory"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-13-021"
          },
          {
            "db": "VULMON",
            "id": "CVE-2012-5677"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201212-158"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005699"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-189",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-58958"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005699"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-5677"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 3.0,
            "url": "http://www.adobe.com/support/security/bulletins/apsb12-27.html"
          },
          {
            "trust": 1.2,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00014.html"
          },
          {
            "trust": 1.2,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00033.html"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5677"
          },
          {
            "trust": 0.8,
            "url": "http://www.ipa.go.jp/security/ciadr/vul/20121212-adobeflashplayer.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.jpcert.or.jp/at/2012/at120037.txt"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5677"
          },
          {
            "trust": 0.8,
            "url": "http://www.npa.go.jp/cyberpolice/topics/?seq=10517"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/51526"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/51536"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/51549"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/51560"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/56896"
          },
          {
            "trust": 0.3,
            "url": "http://www.adobe.com/products/air/"
          },
          {
            "trust": 0.3,
            "url": "http://www.adobe.com/products/flash/"
          },
          {
            "trust": 0.3,
            "url": "http://www.google.com/chrome"
          },
          {
            "trust": 0.3,
            "url": "http://www.microsoft.com/windows/ie/"
          },
          {
            "trust": 0.3,
            "url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00094.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
          },
          {
            "trust": 0.3,
            "url": "http://www.blackberry.com/btsc/kb34161"
          },
          {
            "trust": 0.3,
            "url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
          },
          {
            "trust": 0.3,
            "url": "http://googlechromereleases.blogspot.ie/2012/12/stable-channel-update.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-13-021/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/189.html"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2012:1569"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.1,
            "url": "https://rhn.redhat.com/errata/rhsa-2012-1569.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5676.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5677"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5676"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/key/#package"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5678.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5678"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5677.html"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#critical"
          },
          {
            "trust": 0.1,
            "url": "http://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/knowledge/articles/11258"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_intelligence/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51560"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/51560/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/51560/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/blog/325/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-13-021"
          },
          {
            "db": "VULHUB",
            "id": "VHN-58958"
          },
          {
            "db": "VULMON",
            "id": "CVE-2012-5677"
          },
          {
            "db": "BID",
            "id": "56896"
          },
          {
            "db": "PACKETSTORM",
            "id": "118801"
          },
          {
            "db": "PACKETSTORM",
            "id": "118797"
          },
          {
            "db": "PACKETSTORM",
            "id": "123225"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201212-158"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005699"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-5677"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "ZDI",
            "id": "ZDI-13-021",
            "ident": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-58958",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2012-5677",
            "ident": null
          },
          {
            "db": "BID",
            "id": "56896",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "118801",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "118797",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "123225",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201212-158",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005699",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2012-5677",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2013-02-11T00:00:00",
            "db": "ZDI",
            "id": "ZDI-13-021",
            "ident": null
          },
          {
            "date": "2012-12-12T00:00:00",
            "db": "VULHUB",
            "id": "VHN-58958",
            "ident": null
          },
          {
            "date": "2012-12-12T00:00:00",
            "db": "VULMON",
            "id": "CVE-2012-5677",
            "ident": null
          },
          {
            "date": "2012-12-11T00:00:00",
            "db": "BID",
            "id": "56896",
            "ident": null
          },
          {
            "date": "2012-12-13T06:04:49",
            "db": "PACKETSTORM",
            "id": "118801",
            "ident": null
          },
          {
            "date": "2012-12-12T10:01:35",
            "db": "PACKETSTORM",
            "id": "118797",
            "ident": null
          },
          {
            "date": "2013-09-14T15:19:13",
            "db": "PACKETSTORM",
            "id": "123225",
            "ident": null
          },
          {
            "date": "2012-12-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201212-158",
            "ident": null
          },
          {
            "date": "2012-12-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-005699",
            "ident": null
          },
          {
            "date": "2012-12-12T11:38:44.950000",
            "db": "NVD",
            "id": "CVE-2012-5677",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2013-02-11T00:00:00",
            "db": "ZDI",
            "id": "ZDI-13-021",
            "ident": null
          },
          {
            "date": "2018-12-04T00:00:00",
            "db": "VULHUB",
            "id": "VHN-58958",
            "ident": null
          },
          {
            "date": "2018-12-04T00:00:00",
            "db": "VULMON",
            "id": "CVE-2012-5677",
            "ident": null
          },
          {
            "date": "2015-03-19T09:44:00",
            "db": "BID",
            "id": "56896",
            "ident": null
          },
          {
            "date": "2012-12-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201212-158",
            "ident": null
          },
          {
            "date": "2012-12-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-005699",
            "ident": null
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2012-5677",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201212-158"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Adobe Flash Player and  Adobe AIR Integer overflow vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005699"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "digital error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201212-158"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200905-0196

    Vulnerability from variot - Updated: 2026-04-10 23:16

    racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service (crash) via crafted fragmented packets without a payload, which triggers a NULL pointer dereference. Ipsec-tools of racoon/isakmp_frag.c Has a deficiency in handling fragmented packets with no payload, resulting in denial of service (DoS) There is a vulnerability that becomes a condition.Service operation disruption to a third party (DoS) There is a possibility of being put into a state. IPsec-Tools is affected by multiple remote denial-of-service vulnerabilities because the software fails to properly handle certain network packets. Versions prior to IPsec-Tools 0.7.2 are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    APPLE-SA-2010-12-16-1 Time Capsule and AirPort Base Station (802.11n) Firmware 7.5.2

    Time Capsule and AirPort Base Station (802.11n) Firmware 7.5.2 is now available and addresses the following:

    CVE-ID: CVE-2008-4309 Available for: AirPort Extreme Base Station with 802.11n, AirPort Express Base Station with 802.11n, Time Capsule Impact: A remote attacker may terminate the operation of the SNMP service Description: An integer overflow exists in the netsnmp_create_subtree_cache function. By default, the 'WAN SNMP' configuration option is disabled, and the SNMP service is accessible only to other devices on the local network. This issue is addressed by applying the Net-SNMP patches.

    CVE-ID: CVE-2009-2189 Available for: AirPort Extreme Base Station with 802.11n, AirPort Express Base Station with 802.11n, Time Capsule Impact: Receiving a large number of IPv6 Router Advertisement (RA) and Neighbor Discovery (ND) packets from a system on the local network may cause the base station to restart Description: A resource consumption issue exists in the base station's handling of Router Advertisement (RA) and Neighbor Discovery (ND) packets. A system on the local network may send a large number of RA and ND packets that could exhaust the base station's resources, causing it to restart unexpectedly. This issue is addressed by rate limiting incoming ICMPv6 packets. Credit to Shoichi Sakane of the KAME project, Kanai Akira of Internet Multifeed Co., Shirahata Shin and Rodney Van Meter of Keio University, and Tatuya Jinmei of Internet Systems Consortium, Inc. for reporting this issue.

    CVE-ID: CVE-2010-0039 Available for: AirPort Extreme Base Station with 802.11n, AirPort Express Base Station with 802.11n, Time Capsule Impact: An attacker may be able to query services behind an AirPort Base Station or Time Capsule's NAT from the source IP of the router, if any system behind the NAT has a portmapped FTP server Description: The AirPort Extreme Base Station and Time Capsule's Application-Level Gateway (ALG) rewrites incoming FTP traffic, including PORT commands, to appear as if it is the source. An attacker with write access to an FTP server inside the NAT may issue a malicious PORT command, causing the ALG to send attacker-supplied data to an IP and port behind the NAT. As the data is resent from the Base Station, it could potentially bypass any IP-based restrictions for the service. This issue is addressed by not rewriting inbound PORT commands via the ALG. Credit to Sabahattin Gucukoglu for reporting this issue. This issue is addressed through improved validation of fragmented ISAKMP packets.

    CVE-ID: CVE-2010-1804 Available for: AirPort Extreme Base Station with 802.11n, AirPort Express Base Station with 802.11n, Time Capsule Impact: A remote attacker may cause the device to stop processing network traffic Description: An implementation issue exists in the network bridge. Sending a maliciously crafted DHCP reply to the device may cause it to stop responding to network traffic. This issue affects devices that have been configured to act as a bridge, or are configured in Network Address Translation (NAT) mode with a default host enabled. By default, the device operates in NAT mode, and no default host is configured. This update addresses the issue through improved handling of DHCP packets on the network bridge. Credit to Stefan R. Filipek for reporting this issue.

    Installation note for Firmware version 7.5.2

    Firmware version 7.5.2 is installed into Time Capsule or AirPort Base Station with 802.11n via AirPort Utility, provided with the device.

    It is recommended that AirPort Utility 5.5.2 be installed before upgrading to Firmware version 7.5.2.

    AirPort Utility 5.5.2 may be obtained through Apple's Software Download site: http://www.apple.com/support/downloads/

    Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222

    This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

    -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (Darwin)

    iQEcBAEBAgAGBQJNCWXyAAoJEGnF2JsdZQeevTQH/0856gTUzzmL371/nSkhn3qq MCPQVaEMe8O/jy96nlskwzp3X0X0QmXePok1enp6QhDhHm0YL3a4q7YHd4zjm6mM JUoVR4JJRSKOb1bVdEXqo+qG/PH7/5ywfrGas+MjOshMa3gnhYVee39N7Xtz0pHD 3ZllZRwGwad1sQLL7DhJKZ92z6t2GfHoJyK4LZNemkQAL1HyUu7Hj9SlljcVB+Ub xNnpmBXJcCZzp4nRQM+fbLf6bdZ1ua5DTc1pXC8vETtxyHc53G/vLCu8SKBnTBlK JmkpGwG5fXNuYLL8ArFUuEu3zhE7kfdeftUrEez3YeL2DgU9iB8m8RkuuSrVJEY= =WPH8 -----END PGP SIGNATURE-----

    . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200905-03


                                            http://security.gentoo.org/
    

    Severity: Normal Title: IPSec Tools: Denial of Service Date: May 24, 2009 Bugs: #267135 ID: 200905-03


    Synopsis

    Multiple errors in the IPSec Tools racoon daemon might allow remote attackers to cause a Denial of Service.

    Background

    The IPSec Tools are a port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation. They include racoon, an Internet Key Exchange daemon for automatically keying IPsec connections.

    • Multiple memory leaks exist in (1) the eay_check_x509sign() function in racoon/crypto_openssl.c and (2) racoon/nattraversal.c (CVE-2009-1632).

    Workaround

    There is no known workaround at this time.

    Resolution

    All IPSec Tools users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-firewall/ipsec-tools-0.7.2"
    

    References

    [ 1 ] CVE-2009-1574 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1574 [ 2 ] CVE-2009-1632 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1632

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-200905-03.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

    License

    Copyright 2009 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


    Debian Security Advisory DSA-1804-1 security@debian.org http://www.debian.org/security/ Nico Golde May 20th, 2009 http://www.debian.org/security/faq


    Package : ipsec-tools Vulnerability : null pointer dereference, memory leaks Problem type : remote Debian-specific: no Debian bug : 527634 528933 CVE ID : CVE-2009-1574 CVE-2009-1632

    Several remote vulnerabilities have been discovered in racoon, the Internet Key Exchange daemon of ipsec-tools. This results in the daemon crashing which can be used for denial of service attacks (CVE-2009-1574).

    Various memory leaks in the X.509 certificate authentication handling and the NAT-Traversal keepalive implementation can result in memory exhaustion and thus denial of service (CVE-2009-1632).

    For the oldstable distribution (etch), this problem has been fixed in version 0.6.6-3.1etch3.

    For the stable distribution (lenny), this problem has been fixed in version 0.7.1-1.3+lenny2.

    For the testing distribution (squeeze), this problem will be fixed soon.

    For the unstable distribution (sid), this problem has been fixed in version 1:0.7.1-1.5.

    We recommend that you upgrade your ipsec-tools packages.

    Upgrade instructions


    wget url will fetch the file for you dpkg -i file.deb will install the referenced file.

    If you are using the apt-get package manager, use the line for sources.list as given below:

    apt-get update will update the internal database apt-get upgrade will install corrected packages

    You may use an automated update by adding the resources from the footer to the proper configuration.

    Debian GNU/Linux 4.0 alias etch


    Debian (oldstable)


    Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

    Source archives:

    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3.dsc Size/MD5 checksum: 722 8b561cf84ac9c46ec07b037ce3ad06f1 http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3.diff.gz Size/MD5 checksum: 49875 7444fb4ad448ccfffe878801a2b88d2e

    amd64 architecture (AMD x86_64 (AMD64))

    http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_amd64.deb Size/MD5 checksum: 343790 9cee9f8c479a3a2952d2913d7bdc4c5d http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_amd64.deb Size/MD5 checksum: 89184 5ccd4554eec28da6d933dc20a8a39393

    arm architecture (ARM)

    http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_arm.deb Size/MD5 checksum: 325706 9ce7988b74bccee252be7dac7ac8b5f7 http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_arm.deb Size/MD5 checksum: 89748 513ded0e4a33200710444e1bf4ab67d8

    hppa architecture (HP PA RISC)

    http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_hppa.deb Size/MD5 checksum: 353066 c56644b426ae945ca420d4ca37fc3f2a http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_hppa.deb Size/MD5 checksum: 94092 80b46b6fd60e857c84c588432b098957

    i386 architecture (Intel ia32)

    http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_i386.deb Size/MD5 checksum: 330258 b905d30958bd5c51d355f286f81b8be1 http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_i386.deb Size/MD5 checksum: 85046 294ccbc4b51e4942edaeec7cd746dfa3

    ia64 architecture (Intel ia64)

    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_ia64.deb Size/MD5 checksum: 113356 111f0daa2075584c100efc9c11ecef73 http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_ia64.deb Size/MD5 checksum: 468296 bd4d69b5e0d4ee39ec564e1304f7649c

    mips architecture (MIPS (Big Endian))

    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_mips.deb Size/MD5 checksum: 89018 b6af57d65d43a7433132bee9657ba608 http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_mips.deb Size/MD5 checksum: 344558 aba2d85d5196c2a46555ad9e478d338a

    mipsel architecture (MIPS (Little Endian))

    http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_mipsel.deb Size/MD5 checksum: 346856 97e04d97bdd55f852392d7461bad7f4d http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_mipsel.deb Size/MD5 checksum: 90308 9e780cda3df3384d0f1e33637d003f21

    powerpc architecture (PowerPC)

    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_powerpc.deb Size/MD5 checksum: 91048 98174626d8ad1fba940c81001c337a4f http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_powerpc.deb Size/MD5 checksum: 337266 9f636e6d8904103b0096a4eed99e9cae

    s390 architecture (IBM S/390)

    http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_s390.deb Size/MD5 checksum: 341586 b42ddbad323dcdbd775d502f786ab449 http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_s390.deb Size/MD5 checksum: 90750 62d4c3e618a6c69d532b8d8d33bb27b9

    sparc architecture (Sun SPARC/UltraSPARC)

    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_sparc.deb Size/MD5 checksum: 85710 9f1f526be4f2df4eb64d46023d87c6b3 http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_sparc.deb Size/MD5 checksum: 317136 38e50e9d97b46b51d12429b9ea727858

    Debian GNU/Linux 5.0 alias lenny


    Debian (stable)


    Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

    Source archives:

    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2.diff.gz Size/MD5 checksum: 49472 4bc8ba2bd520a7514f2c33021c64e8ce http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1.orig.tar.gz Size/MD5 checksum: 1039057 ddff5ec5a06b804ca23dc41268368853 http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2.dsc Size/MD5 checksum: 1144 46d3f28156ee183512a451588ef414e4

    alpha architecture (DEC Alpha)

    http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_alpha.deb Size/MD5 checksum: 428532 052c13540da3fab19fdca83e9a389a39 http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_alpha.deb Size/MD5 checksum: 114088 78065dd99d3732291e8d499383af17d9

    amd64 architecture (AMD x86_64 (AMD64))

    http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_amd64.deb Size/MD5 checksum: 409514 a421f12270f5b22639d67be8d2cc8b4e http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_amd64.deb Size/MD5 checksum: 104612 9ec93c697cf64232728d0dd5658efac8

    arm architecture (ARM)

    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_arm.deb Size/MD5 checksum: 104604 78fa45a7e0503e4ee87e7508294cb0b0 http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_arm.deb Size/MD5 checksum: 381692 f1943edf9599189d16a2f936fa971abc

    armel architecture (ARM EABI)

    http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_armel.deb Size/MD5 checksum: 387510 63ebe895d019d2362a0a11a0de0842c6 http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_armel.deb Size/MD5 checksum: 104268 6c224349c910ffce5bb892f2a06dc243

    i386 architecture (Intel ia32)

    http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_i386.deb Size/MD5 checksum: 375004 5a43cbb6106d576ab686e9e4eb78c245 http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_i386.deb Size/MD5 checksum: 99098 6c81df8c4653265f10ad6abf68091329

    ia64 architecture (Intel ia64)

    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_ia64.deb Size/MD5 checksum: 131288 dfa8646655028ae53bddad7f41e9f3a4 http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_ia64.deb Size/MD5 checksum: 544150 8e274b6b73125efe0fa8392398e0c5ea

    mips architecture (MIPS (Big Endian))

    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_mips.deb Size/MD5 checksum: 103502 5bd00dfdef0862a63bb666ed949e26ef http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_mips.deb Size/MD5 checksum: 388820 46fc10315192943b912126fe68ffeea9

    mipsel architecture (MIPS (Little Endian))

    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_mipsel.deb Size/MD5 checksum: 104216 a271cb33c891084479ed441945672f14 http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_mipsel.deb Size/MD5 checksum: 390562 352f78906e08ddb861053dfed30640bf

    powerpc architecture (PowerPC)

    http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_powerpc.deb Size/MD5 checksum: 403162 0210fa37088d78ee9aa53395aa0148e8 http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_powerpc.deb Size/MD5 checksum: 109438 26f043be5fb248d33b605d1987fa472a

    s390 architecture (IBM S/390)

    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_s390.deb Size/MD5 checksum: 107474 aa6203b0e9e6dacbe39520be6b849eea http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_s390.deb Size/MD5 checksum: 399386 e965abdcf32838fff7753e789e703205

    sparc architecture (Sun SPARC/UltraSPARC)

    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_sparc.deb Size/MD5 checksum: 102486 57b2e115a15e08518f00158c1fe36cf2 http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_sparc.deb Size/MD5 checksum: 373916 7e2278ac7b4f0b352814ad2f55b1213a

    These files will probably be moved into the stable distribution on its next update.


    For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)

    iEYEARECAAYFAkoUDnMACgkQHYflSXNkfP8LtgCdF9LmW/TOn9JDPTVGlt+7dccI 3MYAoJVcwmqHztsGgCgBps9hyqzrQJ5l =84V/ -----END PGP SIGNATURE----- .

    Updated packages are available that brings ipsec-tools to version 0.7.2 for Mandriva Linux 2008.1/2009.0/2009.1 which provides numerous bugfixes over the previous 0.7.1 version, and also corrects this issue. ipsec-tools for Mandriva Linux Corporate Server 4 has been patched to address this issue.

    Additionally the flex package required for building ipsec-tools has been fixed due to ipsec-tools build problems and is also available with this update.

    Update:

    Packages for 2008.0 are being provided due to extended support for Corporate products.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1574


    Updated Packages:

    Mandriva Linux 2008.0: 8256debb7fe84394de70499907060de6 2008.0/i586/flex-2.5.33-2.1mdv2008.0.i586.rpm c03c0f9fe8f564ea777b82789ac95f41 2008.0/i586/ipsec-tools-0.7.2-0.1mdv2008.0.i586.rpm 9da2195c693a7fe40f7afb3c5806aaca 2008.0/i586/libipsec0-0.7.2-0.1mdv2008.0.i586.rpm 29dcc9414a59cba30ce801b9fef416a6 2008.0/i586/libipsec-devel-0.7.2-0.1mdv2008.0.i586.rpm b3ceeee8a3a36388d02426b77a45d862 2008.0/SRPMS/flex-2.5.33-2.1mdv2008.0.src.rpm b0cb7993f29eac3d5f170c7cd3cf0cb5 2008.0/SRPMS/ipsec-tools-0.7.2-0.1mdv2008.0.src.rpm

    Mandriva Linux 2008.0/X86_64: 36c5d0eb92197c814b90c814d21d3372 2008.0/x86_64/flex-2.5.33-2.1mdv2008.0.x86_64.rpm 7a976c988badcb9fae93509acfe99aa2 2008.0/x86_64/ipsec-tools-0.7.2-0.1mdv2008.0.x86_64.rpm 85b8ed6e328b048c13eb503bfee8dcdc 2008.0/x86_64/lib64ipsec0-0.7.2-0.1mdv2008.0.x86_64.rpm a22f34f1cfac38c9029eb032e3257285 2008.0/x86_64/lib64ipsec-devel-0.7.2-0.1mdv2008.0.x86_64.rpm b3ceeee8a3a36388d02426b77a45d862 2008.0/SRPMS/flex-2.5.33-2.1mdv2008.0.src.rpm b0cb7993f29eac3d5f170c7cd3cf0cb5 2008.0/SRPMS/ipsec-tools-0.7.2-0.1mdv2008.0.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. =========================================================== Ubuntu Security Notice USN-785-1 June 09, 2009 ipsec-tools vulnerabilities CVE-2009-1574, CVE-2009-1632 ===========================================================

    A security issue affects the following Ubuntu releases:

    Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04

    This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

    The problem can be corrected by upgrading your system to the following package versions:

    Ubuntu 6.06 LTS: racoon 1:0.6.5-4ubuntu1.3

    Ubuntu 8.04 LTS: racoon 1:0.6.7-1.1ubuntu1.2

    Ubuntu 8.10: racoon 1:0.7-2.1ubuntu1.8.10.1

    Ubuntu 9.04: racoon 1:0.7-2.1ubuntu1.9.04.1

    In general, a standard system upgrade is sufficient to effect the necessary changes. (CVE-2009-1574)

    It was discovered that ipsec-tools did not properly handle memory usage when verifying certificate signatures or processing nat-traversal keep-alive messages

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "ipsec tools",
            "version": "0.3.3"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "ipsec tools",
            "version": "0.3.2"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "ipsec tools",
            "version": "0.3.1"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "ipsec tools",
            "version": "0.3"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "ipsec tools",
            "version": "0.2.4"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "ipsec tools",
            "version": "0.2.3"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "ipsec tools",
            "version": "0.2.2"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "ipsec tools",
            "version": "0.2.1"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "ipsec tools",
            "version": "0.2"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "ipsec tools",
            "version": "0.1"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "ipsec tools",
            "version": "0.6.6"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "ipsec tools",
            "version": "0.6.3"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "ipsec tools",
            "version": "0.6.2"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "ipsec tools",
            "version": "0.6.1"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "ipsec tools",
            "version": "0.5"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "ipsec tools",
            "version": "0.7"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ipsec tools",
            "version": "0.4"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ipsec tools",
            "version": "0.6.5"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ipsec tools",
            "version": "0.6.4"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "ipsec tools",
            "version": "0.7.1"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "ipsec tools",
            "version": "0.7.2"
          },
          {
            "_id": null,
            "model": "airmac express",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "base station  (802.11n)"
          },
          {
            "_id": null,
            "model": "airmac extreme",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "base station  (802.11n)"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5.8"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.6"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.6.1"
          },
          {
            "_id": null,
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5.8"
          },
          {
            "_id": null,
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.6"
          },
          {
            "_id": null,
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.6.1"
          },
          {
            "_id": null,
            "model": "time capsule",
            "scope": null,
            "trust": 0.8,
            "vendor": "apple",
            "version": null
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3 (x86)"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3 (x86-64)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (server)"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5.0 (client)"
          },
          {
            "_id": null,
            "model": "enterprise linux eus",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5.3.z (server)"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "linux lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "linux lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "linux lts lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "linux enterprise server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "9"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "9"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "linux enterprise server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux enterprise server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux enterprise sp2 debuginfo",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux enterprise sp1 debuginfo",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10.3"
          },
          {
            "_id": null,
            "model": "suse linux enterprise server rt solution",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "100"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "hat fedora",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "9"
          },
          {
            "_id": null,
            "model": "hat fedora",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "10"
          },
          {
            "_id": null,
            "model": "hat enterprise linux eus 5.3.z server",
            "scope": null,
            "trust": 0.3,
            "vendor": "red",
            "version": null
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.1"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.1"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.0"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.0"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.1"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.1"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.0"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.0"
          },
          {
            "_id": null,
            "model": "multi network firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipsec tools",
            "version": "0.7.1"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipsec tools",
            "version": "0.6.7"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipsec tools",
            "version": "0.6"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipsec tools",
            "version": "0.5.2"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipsec tools",
            "version": "0.5.1"
          },
          {
            "_id": null,
            "model": "ipsec-tools rc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipsec tools",
            "version": "0.4"
          },
          {
            "_id": null,
            "model": "ipsec-tools rc5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipsec tools",
            "version": "0.3"
          },
          {
            "_id": null,
            "model": "ipsec-tools rc4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipsec tools",
            "version": "0.3"
          },
          {
            "_id": null,
            "model": "ipsec-tools rc3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipsec tools",
            "version": "0.3"
          },
          {
            "_id": null,
            "model": "ipsec-tools rc2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipsec tools",
            "version": "0.3"
          },
          {
            "_id": null,
            "model": "ipsec-tools rc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipsec tools",
            "version": "0.3"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipsec tools",
            "version": "0.2.5"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux armel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux armel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "time capsule",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "time capsule",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.4.2"
          },
          {
            "_id": null,
            "model": "time capsule",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.4.1"
          },
          {
            "_id": null,
            "model": "time capsule",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.8"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.7"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.6"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.9"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.7"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.6"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.5"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.4"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.3"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.2"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.9"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.8"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.7"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.6"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.5"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.4"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.3"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.2"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.8"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.7"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.6"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.9"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.7"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.6"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.5"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.4"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.3"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.9"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.8"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.7"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.6"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.5"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.4"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.3"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "_id": null,
            "model": "airport extreme",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.4.2"
          },
          {
            "_id": null,
            "model": "airport extreme",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.3.1"
          },
          {
            "_id": null,
            "model": "airport extreme",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.2.1"
          },
          {
            "_id": null,
            "model": "airport extreme",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.7"
          },
          {
            "_id": null,
            "model": "airport extreme",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.5"
          },
          {
            "_id": null,
            "model": "airport extreme",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "airport extreme",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "airport extreme",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "airport extreme base station with 802.11n",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.4.1"
          },
          {
            "_id": null,
            "model": "airport extreme base station",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "airport extreme",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "airport express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "airport express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "airport express base station with 802.11n",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.4.1"
          },
          {
            "_id": null,
            "model": "airport express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ipsec-tools",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ipsec tools",
            "version": "0.7.2"
          },
          {
            "_id": null,
            "model": "time capsule",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.5.2"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.2"
          },
          {
            "_id": null,
            "model": "airport extreme base station with 802.11n",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.5.2"
          },
          {
            "_id": null,
            "model": "airport express base station with 802.11n",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "7.5.2"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "34765"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200905-078"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-001540"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-1574"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:ipsec-tools:ipsec-tools",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:apple:airport_express",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:apple:airmac_extreme",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:apple:mac_os_x",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:apple:mac_os_x_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:apple:time_capsule",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_eus",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-001540"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Neil Kettle, stephen.bevan, and the vendor.",
        "sources": [
          {
            "db": "BID",
            "id": "34765"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200905-078"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2009-1574",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2009-1574",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2009-1574",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2009-1574",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200905-078",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2009-1574",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2009-1574"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200905-078"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-001540"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-1574"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service (crash) via crafted fragmented packets without a payload, which triggers a NULL pointer dereference. Ipsec-tools of racoon/isakmp_frag.c Has a deficiency in handling fragmented packets with no payload, resulting in denial of service (DoS) There is a vulnerability that becomes a condition.Service operation disruption to a third party (DoS) There is a possibility of being put into a state. IPsec-Tools is affected by multiple remote denial-of-service vulnerabilities because the software fails to properly handle certain network packets. \nVersions prior to IPsec-Tools 0.7.2 are vulnerable. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2010-12-16-1 Time Capsule and AirPort Base Station\n(802.11n) Firmware 7.5.2\n\nTime Capsule and AirPort Base Station (802.11n) Firmware 7.5.2 is\nnow available and addresses the following:\n\nCVE-ID:  CVE-2008-4309\nAvailable for:  AirPort Extreme Base Station with 802.11n,\nAirPort Express Base Station with 802.11n, Time Capsule\nImpact:  A remote attacker may terminate the operation of the SNMP\nservice\nDescription:  An integer overflow exists in the\nnetsnmp_create_subtree_cache function. By default, the\n\u0027WAN SNMP\u0027 configuration option is disabled, and the SNMP service is\naccessible only to other devices on the local network. This issue is\naddressed by applying the Net-SNMP patches. \n\nCVE-ID:  CVE-2009-2189\nAvailable for:  AirPort Extreme Base Station with 802.11n,\nAirPort Express Base Station with 802.11n, Time Capsule\nImpact:  Receiving a large number of IPv6 Router Advertisement (RA)\nand Neighbor Discovery (ND) packets from a system on the local\nnetwork may cause the base station to restart\nDescription:  A resource consumption issue exists in the base\nstation\u0027s handling of Router Advertisement (RA) and Neighbor\nDiscovery (ND) packets. A system on the local network may send a\nlarge number of RA and ND packets that could exhaust the base\nstation\u0027s resources, causing it to restart unexpectedly. This issue\nis addressed by rate limiting incoming ICMPv6 packets. Credit to\nShoichi Sakane of the KAME project, Kanai Akira of Internet Multifeed\nCo., Shirahata Shin and Rodney Van Meter of Keio University, and\nTatuya Jinmei of Internet Systems Consortium, Inc. for reporting this\nissue. \n\nCVE-ID:  CVE-2010-0039\nAvailable for:  AirPort Extreme Base Station with 802.11n,\nAirPort Express Base Station with 802.11n, Time Capsule\nImpact:  An attacker may be able to query services behind an AirPort\nBase Station or Time Capsule\u0027s NAT from the source IP of the router,\nif any system behind the NAT has a portmapped FTP server\nDescription:  The AirPort Extreme Base Station and Time Capsule\u0027s\nApplication-Level Gateway (ALG) rewrites incoming FTP traffic,\nincluding PORT commands, to appear as if it is the source. An\nattacker with write access to an FTP server inside the NAT may issue\na malicious PORT command, causing the ALG to send attacker-supplied\ndata to an IP and port behind the NAT. As the data is resent from the\nBase Station, it could potentially bypass any IP-based restrictions\nfor the service. This issue is addressed by not rewriting inbound\nPORT commands via the ALG. Credit to Sabahattin Gucukoglu for\nreporting this issue. This issue is addressed\nthrough improved validation of fragmented ISAKMP packets. \n\nCVE-ID:  CVE-2010-1804\nAvailable for:  AirPort Extreme Base Station with 802.11n,\nAirPort Express Base Station with 802.11n, Time Capsule\nImpact:  A remote attacker may cause the device to stop processing\nnetwork traffic\nDescription:  An implementation issue exists in the network bridge. \nSending a maliciously crafted DHCP reply to the device may cause it\nto stop responding to network traffic. This issue affects devices\nthat have been configured to act as a bridge, or are configured in\nNetwork Address Translation (NAT) mode with a default host enabled. \nBy default, the device operates in NAT mode, and no default host is\nconfigured. This update addresses the issue through improved handling\nof DHCP packets on the network bridge. Credit to Stefan R. Filipek\nfor reporting this issue. \n\n\nInstallation note for Firmware version 7.5.2\n\nFirmware version 7.5.2 is installed into Time Capsule or AirPort Base\nStation with 802.11n via AirPort Utility, provided with the device. \n\nIt is recommended that AirPort Utility 5.5.2 be installed before\nupgrading to Firmware version 7.5.2. \n\nAirPort Utility 5.5.2 may be obtained through Apple\u0027s Software\nDownload site: http://www.apple.com/support/downloads/\n\n\nInformation will also be posted to the Apple Security Updates\nweb site:  http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v2.0.9 (Darwin)\n\niQEcBAEBAgAGBQJNCWXyAAoJEGnF2JsdZQeevTQH/0856gTUzzmL371/nSkhn3qq\nMCPQVaEMe8O/jy96nlskwzp3X0X0QmXePok1enp6QhDhHm0YL3a4q7YHd4zjm6mM\nJUoVR4JJRSKOb1bVdEXqo+qG/PH7/5ywfrGas+MjOshMa3gnhYVee39N7Xtz0pHD\n3ZllZRwGwad1sQLL7DhJKZ92z6t2GfHoJyK4LZNemkQAL1HyUu7Hj9SlljcVB+Ub\nxNnpmBXJcCZzp4nRQM+fbLf6bdZ1ua5DTc1pXC8vETtxyHc53G/vLCu8SKBnTBlK\nJmkpGwG5fXNuYLL8ArFUuEu3zhE7kfdeftUrEez3YeL2DgU9iB8m8RkuuSrVJEY=\n=WPH8\n-----END PGP SIGNATURE-----\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 200905-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n  Severity: Normal\n     Title: IPSec Tools: Denial of Service\n      Date: May 24, 2009\n      Bugs: #267135\n        ID: 200905-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple errors in the IPSec Tools racoon daemon might allow remote\nattackers to cause a Denial of Service. \n\nBackground\n==========\n\nThe IPSec Tools are a port of KAME\u0027s IPsec utilities to the Linux-2.6\nIPsec implementation. They include racoon, an Internet Key Exchange\ndaemon for automatically keying IPsec connections. \n\n* Multiple memory leaks exist in (1) the eay_check_x509sign()\n  function in racoon/crypto_openssl.c and (2) racoon/nattraversal.c\n  (CVE-2009-1632). \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll IPSec Tools users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask --oneshot --verbose \"\u003e=net-firewall/ipsec-tools-0.7.2\"\n\nReferences\n==========\n\n  [ 1 ] CVE-2009-1574\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1574\n  [ 2 ] CVE-2009-1632\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1632\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n  http://security.gentoo.org/glsa/glsa-200905-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2009 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- --------------------------------------------------------------------------\nDebian Security Advisory DSA-1804-1                    security@debian.org\nhttp://www.debian.org/security/                                 Nico Golde\nMay 20th, 2009                          http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage        : ipsec-tools\nVulnerability  : null pointer dereference, memory leaks\nProblem type   : remote\nDebian-specific: no\nDebian bug     : 527634 528933\nCVE ID         : CVE-2009-1574 CVE-2009-1632\n\nSeveral remote vulnerabilities have been discovered in racoon, the Internet Key\nExchange daemon of ipsec-tools.  This results in the daemon crashing which can be used\nfor denial of service attacks (CVE-2009-1574). \n\nVarious memory leaks in the X.509 certificate authentication handling and the\nNAT-Traversal keepalive implementation can result in memory exhaustion and\nthus denial of service (CVE-2009-1632). \n\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 0.6.6-3.1etch3. \n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 0.7.1-1.3+lenny2. \n\nFor the testing distribution (squeeze), this problem will be fixed soon. \n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1:0.7.1-1.5. \n\n\nWe recommend that you upgrade your ipsec-tools packages. \n\nUpgrade instructions\n- --------------------\n\nwget url\n        will fetch the file for you\ndpkg -i file.deb\n        will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n        will update the internal database\napt-get upgrade\n        will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nDebian (oldstable)\n- ------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3.dsc\n    Size/MD5 checksum:      722 8b561cf84ac9c46ec07b037ce3ad06f1\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3.diff.gz\n    Size/MD5 checksum:    49875 7444fb4ad448ccfffe878801a2b88d2e\n\namd64 architecture (AMD x86_64 (AMD64))\n\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_amd64.deb\n    Size/MD5 checksum:   343790 9cee9f8c479a3a2952d2913d7bdc4c5d\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_amd64.deb\n    Size/MD5 checksum:    89184 5ccd4554eec28da6d933dc20a8a39393\n\narm architecture (ARM)\n\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_arm.deb\n    Size/MD5 checksum:   325706 9ce7988b74bccee252be7dac7ac8b5f7\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_arm.deb\n    Size/MD5 checksum:    89748 513ded0e4a33200710444e1bf4ab67d8\n\nhppa architecture (HP PA RISC)\n\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_hppa.deb\n    Size/MD5 checksum:   353066 c56644b426ae945ca420d4ca37fc3f2a\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_hppa.deb\n    Size/MD5 checksum:    94092 80b46b6fd60e857c84c588432b098957\n\ni386 architecture (Intel ia32)\n\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_i386.deb\n    Size/MD5 checksum:   330258 b905d30958bd5c51d355f286f81b8be1\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_i386.deb\n    Size/MD5 checksum:    85046 294ccbc4b51e4942edaeec7cd746dfa3\n\nia64 architecture (Intel ia64)\n\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_ia64.deb\n    Size/MD5 checksum:   113356 111f0daa2075584c100efc9c11ecef73\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_ia64.deb\n    Size/MD5 checksum:   468296 bd4d69b5e0d4ee39ec564e1304f7649c\n\nmips architecture (MIPS (Big Endian))\n\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_mips.deb\n    Size/MD5 checksum:    89018 b6af57d65d43a7433132bee9657ba608\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_mips.deb\n    Size/MD5 checksum:   344558 aba2d85d5196c2a46555ad9e478d338a\n\nmipsel architecture (MIPS (Little Endian))\n\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_mipsel.deb\n    Size/MD5 checksum:   346856 97e04d97bdd55f852392d7461bad7f4d\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_mipsel.deb\n    Size/MD5 checksum:    90308 9e780cda3df3384d0f1e33637d003f21\n\npowerpc architecture (PowerPC)\n\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_powerpc.deb\n    Size/MD5 checksum:    91048 98174626d8ad1fba940c81001c337a4f\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_powerpc.deb\n    Size/MD5 checksum:   337266 9f636e6d8904103b0096a4eed99e9cae\n\ns390 architecture (IBM S/390)\n\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_s390.deb\n    Size/MD5 checksum:   341586 b42ddbad323dcdbd775d502f786ab449\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_s390.deb\n    Size/MD5 checksum:    90750 62d4c3e618a6c69d532b8d8d33bb27b9\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_sparc.deb\n    Size/MD5 checksum:    85710 9f1f526be4f2df4eb64d46023d87c6b3\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_sparc.deb\n    Size/MD5 checksum:   317136 38e50e9d97b46b51d12429b9ea727858\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2.diff.gz\n    Size/MD5 checksum:    49472 4bc8ba2bd520a7514f2c33021c64e8ce\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1.orig.tar.gz\n    Size/MD5 checksum:  1039057 ddff5ec5a06b804ca23dc41268368853\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2.dsc\n    Size/MD5 checksum:     1144 46d3f28156ee183512a451588ef414e4\n\nalpha architecture (DEC Alpha)\n\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_alpha.deb\n    Size/MD5 checksum:   428532 052c13540da3fab19fdca83e9a389a39\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_alpha.deb\n    Size/MD5 checksum:   114088 78065dd99d3732291e8d499383af17d9\n\namd64 architecture (AMD x86_64 (AMD64))\n\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_amd64.deb\n    Size/MD5 checksum:   409514 a421f12270f5b22639d67be8d2cc8b4e\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_amd64.deb\n    Size/MD5 checksum:   104612 9ec93c697cf64232728d0dd5658efac8\n\narm architecture (ARM)\n\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_arm.deb\n    Size/MD5 checksum:   104604 78fa45a7e0503e4ee87e7508294cb0b0\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_arm.deb\n    Size/MD5 checksum:   381692 f1943edf9599189d16a2f936fa971abc\n\narmel architecture (ARM EABI)\n\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_armel.deb\n    Size/MD5 checksum:   387510 63ebe895d019d2362a0a11a0de0842c6\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_armel.deb\n    Size/MD5 checksum:   104268 6c224349c910ffce5bb892f2a06dc243\n\ni386 architecture (Intel ia32)\n\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_i386.deb\n    Size/MD5 checksum:   375004 5a43cbb6106d576ab686e9e4eb78c245\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_i386.deb\n    Size/MD5 checksum:    99098 6c81df8c4653265f10ad6abf68091329\n\nia64 architecture (Intel ia64)\n\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_ia64.deb\n    Size/MD5 checksum:   131288 dfa8646655028ae53bddad7f41e9f3a4\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_ia64.deb\n    Size/MD5 checksum:   544150 8e274b6b73125efe0fa8392398e0c5ea\n\nmips architecture (MIPS (Big Endian))\n\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_mips.deb\n    Size/MD5 checksum:   103502 5bd00dfdef0862a63bb666ed949e26ef\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_mips.deb\n    Size/MD5 checksum:   388820 46fc10315192943b912126fe68ffeea9\n\nmipsel architecture (MIPS (Little Endian))\n\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_mipsel.deb\n    Size/MD5 checksum:   104216 a271cb33c891084479ed441945672f14\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_mipsel.deb\n    Size/MD5 checksum:   390562 352f78906e08ddb861053dfed30640bf\n\npowerpc architecture (PowerPC)\n\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_powerpc.deb\n    Size/MD5 checksum:   403162 0210fa37088d78ee9aa53395aa0148e8\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_powerpc.deb\n    Size/MD5 checksum:   109438 26f043be5fb248d33b605d1987fa472a\n\ns390 architecture (IBM S/390)\n\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_s390.deb\n    Size/MD5 checksum:   107474 aa6203b0e9e6dacbe39520be6b849eea\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_s390.deb\n    Size/MD5 checksum:   399386 e965abdcf32838fff7753e789e703205\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_sparc.deb\n    Size/MD5 checksum:   102486 57b2e115a15e08518f00158c1fe36cf2\n  http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_sparc.deb\n    Size/MD5 checksum:   373916 7e2278ac7b4f0b352814ad2f55b1213a\n\n\n  These files will probably be moved into the stable distribution on\n  its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niEYEARECAAYFAkoUDnMACgkQHYflSXNkfP8LtgCdF9LmW/TOn9JDPTVGlt+7dccI\n3MYAoJVcwmqHztsGgCgBps9hyqzrQJ5l\n=84V/\n-----END PGP SIGNATURE-----\n. \n \n Updated packages are available that brings ipsec-tools to version\n 0.7.2 for Mandriva Linux 2008.1/2009.0/2009.1 which provides numerous\n bugfixes over the previous 0.7.1 version, and also corrects this\n issue. ipsec-tools for Mandriva Linux Corporate Server 4 has been\n patched to address this issue. \n \n Additionally the flex package required for building ipsec-tools has\n been fixed due to ipsec-tools build problems and is also available\n with this update. \n\n Update:\n\n Packages for 2008.0 are being provided due to extended support for\n Corporate products. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1574\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n 8256debb7fe84394de70499907060de6  2008.0/i586/flex-2.5.33-2.1mdv2008.0.i586.rpm\n c03c0f9fe8f564ea777b82789ac95f41  2008.0/i586/ipsec-tools-0.7.2-0.1mdv2008.0.i586.rpm\n 9da2195c693a7fe40f7afb3c5806aaca  2008.0/i586/libipsec0-0.7.2-0.1mdv2008.0.i586.rpm\n 29dcc9414a59cba30ce801b9fef416a6  2008.0/i586/libipsec-devel-0.7.2-0.1mdv2008.0.i586.rpm \n b3ceeee8a3a36388d02426b77a45d862  2008.0/SRPMS/flex-2.5.33-2.1mdv2008.0.src.rpm\n b0cb7993f29eac3d5f170c7cd3cf0cb5  2008.0/SRPMS/ipsec-tools-0.7.2-0.1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 36c5d0eb92197c814b90c814d21d3372  2008.0/x86_64/flex-2.5.33-2.1mdv2008.0.x86_64.rpm\n 7a976c988badcb9fae93509acfe99aa2  2008.0/x86_64/ipsec-tools-0.7.2-0.1mdv2008.0.x86_64.rpm\n 85b8ed6e328b048c13eb503bfee8dcdc  2008.0/x86_64/lib64ipsec0-0.7.2-0.1mdv2008.0.x86_64.rpm\n a22f34f1cfac38c9029eb032e3257285  2008.0/x86_64/lib64ipsec-devel-0.7.2-0.1mdv2008.0.x86_64.rpm \n b3ceeee8a3a36388d02426b77a45d862  2008.0/SRPMS/flex-2.5.33-2.1mdv2008.0.src.rpm\n b0cb7993f29eac3d5f170c7cd3cf0cb5  2008.0/SRPMS/ipsec-tools-0.7.2-0.1mdv2008.0.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. ===========================================================\nUbuntu Security Notice USN-785-1              June 09, 2009\nipsec-tools vulnerabilities\nCVE-2009-1574, CVE-2009-1632\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 8.10\nUbuntu 9.04\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n  racoon                          1:0.6.5-4ubuntu1.3\n\nUbuntu 8.04 LTS:\n  racoon                          1:0.6.7-1.1ubuntu1.2\n\nUbuntu 8.10:\n  racoon                          1:0.7-2.1ubuntu1.8.10.1\n\nUbuntu 9.04:\n  racoon                          1:0.7-2.1ubuntu1.9.04.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. (CVE-2009-1574)\n\nIt was discovered that ipsec-tools did not properly handle memory usage\nwhen verifying certificate signatures or processing nat-traversal\nkeep-alive messages",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2009-1574"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-001540"
          },
          {
            "db": "BID",
            "id": "34765"
          },
          {
            "db": "VULMON",
            "id": "CVE-2009-1574"
          },
          {
            "db": "PACKETSTORM",
            "id": "96766"
          },
          {
            "db": "PACKETSTORM",
            "id": "77778"
          },
          {
            "db": "PACKETSTORM",
            "id": "77702"
          },
          {
            "db": "PACKETSTORM",
            "id": "83402"
          },
          {
            "db": "PACKETSTORM",
            "id": "77498"
          },
          {
            "db": "PACKETSTORM",
            "id": "78176"
          }
        ],
        "trust": 2.52
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=8669",
            "trust": 0.1,
            "type": "exploit"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2009-1574"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2009-1574",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "34765",
            "trust": 2.8
          },
          {
            "db": "SECUNIA",
            "id": "35159",
            "trust": 2.5
          },
          {
            "db": "SECUNIA",
            "id": "35404",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "35685",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "35113",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "35153",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "35212",
            "trust": 1.7
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2009/04/29/6",
            "trust": 1.7
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2009/05/04/3",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2009-3184",
            "trust": 1.7
          },
          {
            "db": "XF",
            "id": "50412",
            "trust": 1.4
          },
          {
            "db": "JUNIPER",
            "id": "JSA10705",
            "trust": 1.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-001540",
            "trust": 0.8
          },
          {
            "db": "MLIST",
            "id": "[OSS-SECURITY] 20090504 RE: IPSEC-TOOLS 0.7.2",
            "trust": 0.6
          },
          {
            "db": "MLIST",
            "id": "[OSS-SECURITY] 20090429 IPSEC-TOOLS 0.7.2",
            "trust": 0.6
          },
          {
            "db": "FEDORA",
            "id": "FEDORA-2009-4394",
            "trust": 0.6
          },
          {
            "db": "FEDORA",
            "id": "FEDORA-2009-4298",
            "trust": 0.6
          },
          {
            "db": "FEDORA",
            "id": "FEDORA-2009-4291",
            "trust": 0.6
          },
          {
            "db": "APPLE",
            "id": "APPLE-SA-2009-11-09-1",
            "trust": 0.6
          },
          {
            "db": "UBUNTU",
            "id": "USN-785-1",
            "trust": 0.6
          },
          {
            "db": "DEBIAN",
            "id": "DSA-1804",
            "trust": 0.6
          },
          {
            "db": "MANDRIVA",
            "id": "MDVSA-2009:112",
            "trust": 0.6
          },
          {
            "db": "SUSE",
            "id": "SUSE-SR:2009:012",
            "trust": 0.6
          },
          {
            "db": "REDHAT",
            "id": "RHSA-2009:1036",
            "trust": 0.6
          },
          {
            "db": "GENTOO",
            "id": "GLSA-200905-03",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200905-078",
            "trust": 0.6
          },
          {
            "db": "EXPLOIT-DB",
            "id": "8669",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2009-1574",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "96766",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "77778",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "77702",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "83402",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "77498",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "78176",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2009-1574"
          },
          {
            "db": "BID",
            "id": "34765"
          },
          {
            "db": "PACKETSTORM",
            "id": "96766"
          },
          {
            "db": "PACKETSTORM",
            "id": "77778"
          },
          {
            "db": "PACKETSTORM",
            "id": "77702"
          },
          {
            "db": "PACKETSTORM",
            "id": "83402"
          },
          {
            "db": "PACKETSTORM",
            "id": "77498"
          },
          {
            "db": "PACKETSTORM",
            "id": "78176"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200905-078"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-001540"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-1574"
          }
        ]
      },
      "id": "VAR-200905-0196",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.393692325
      },
      "last_update_date": "2026-04-10T23:16:56.486000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "HT3937",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT3937"
          },
          {
            "title": "HT4298",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT4298"
          },
          {
            "title": "HT3937",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT3937?viewlocale=ja_JP"
          },
          {
            "title": "HT4298",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT4298?viewlocale=ja_JP"
          },
          {
            "title": "ipsec-tools-0.6.5-13AXS3.1",
            "trust": 0.8,
            "url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=783"
          },
          {
            "title": "ipsec-tools-0.6.5-8.2AXS3",
            "trust": 0.8,
            "url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=443"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://ipsec-tools.sourceforge.net/"
          },
          {
            "title": "RHSA-2009:1036",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1036.html"
          },
          {
            "title": "RHSA-2009:1036",
            "trust": 0.8,
            "url": "https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-1036J.html"
          },
          {
            "title": "Red Hat: Important: ipsec-tools security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20091036 - Security Advisory"
          },
          {
            "title": "Debian CVElist Bug Report Logs: ipsec-tools: CVE-2009-1574 remote denial of service",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=7a2f5c7415c2b82442d784c54a73a67d"
          },
          {
            "title": "Ubuntu Security Notice: ipsec-tools vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-785-1"
          },
          {
            "title": "Debian Security Advisories: DSA-1804-1 ipsec-tools -- null pointer dereference, memory leaks",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=0aee0799469477a479924d08d4b3c120"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2009-1574"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-001540"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-Other",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-001540"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-1574"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.6,
            "url": "http://www.securityfocus.com/bid/34765"
          },
          {
            "trust": 2.5,
            "url": "http://secunia.com/advisories/35159"
          },
          {
            "trust": 2.0,
            "url": "http://sourceforge.net/project/shownotes.php?group_id=74601\u0026release_id=677611"
          },
          {
            "trust": 1.8,
            "url": "http://security.gentoo.org/glsa/glsa-200905-03.xml"
          },
          {
            "trust": 1.7,
            "url": "http://www.openwall.com/lists/oss-security/2009/04/29/6"
          },
          {
            "trust": 1.7,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=497990"
          },
          {
            "trust": 1.7,
            "url": "http://www.openwall.com/lists/oss-security/2009/05/04/3"
          },
          {
            "trust": 1.7,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2009:112"
          },
          {
            "trust": 1.7,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-may/msg00725.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.debian.org/security/2009/dsa-1804"
          },
          {
            "trust": 1.7,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-may/msg00746.html"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/35113"
          },
          {
            "trust": 1.7,
            "url": "http://www.redhat.com/support/errata/rhsa-2009-1036.html"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/35153"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/35212"
          },
          {
            "trust": 1.7,
            "url": "http://www.ubuntu.com/usn/usn-785-1"
          },
          {
            "trust": 1.7,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-may/msg00789.html"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/35404"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/35685"
          },
          {
            "trust": 1.7,
            "url": "http://support.apple.com/kb/ht3937"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2009/nov/msg00000.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.vupen.com/english/advisories/2009/3184"
          },
          {
            "trust": 1.4,
            "url": "http://xforce.iss.net/xforce/xfdb/50412"
          },
          {
            "trust": 1.1,
            "url": "http://lists.apple.com/archives/security-announce/2010//dec/msg00001.html"
          },
          {
            "trust": 1.1,
            "url": "http://support.apple.com/kb/ht4298"
          },
          {
            "trust": 1.1,
            "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10705"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50412"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9624"
          },
          {
            "trust": 1.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1574"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu545319"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-1574"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1574"
          },
          {
            "trust": 0.3,
            "url": "https://trac.ipsec-tools.net/ticket/303"
          },
          {
            "trust": 0.3,
            "url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/isakmp_frag.c?f=h#rev1.4.6.1"
          },
          {
            "trust": 0.3,
            "url": "http://comments.gmane.org/gmane.comp.security.oss.general/1716"
          },
          {
            "trust": 0.3,
            "url": "http://ipsec-tools.sourceforge.net/"
          },
          {
            "trust": 0.3,
            "url": "http://xorl.wordpress.com/2009/05/04/ipsec-tools-null-pointer-dereference/"
          },
          {
            "trust": 0.3,
            "url": "https://rhn.redhat.com/errata/rhsa-2009-1036.html"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1632"
          },
          {
            "trust": 0.2,
            "url": "http://www.mandriva.com/security/"
          },
          {
            "trust": 0.2,
            "url": "http://www.mandriva.com/security/advisories"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/.html"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2009:1036"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/785-1/"
          },
          {
            "trust": 0.1,
            "url": "https://www.exploit-db.com/exploits/8669/"
          },
          {
            "trust": 0.1,
            "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=20215"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-4309"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2189"
          },
          {
            "trust": 0.1,
            "url": "http://www.apple.com/support/downloads/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1804"
          },
          {
            "trust": 0.1,
            "url": "https://www.apple.com/support/security/pgp/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0039"
          },
          {
            "trust": 0.1,
            "url": "http://support.apple.com/kb/ht1222"
          },
          {
            "trust": 0.1,
            "url": "http://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1632"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://packages.debian.org/\u003cpkg\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.7-1.1ubuntu1.2.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/ipsec-tools_0.6.7-1.1ubuntu1.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.9.04.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.9.04.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.8.10.1.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.8.10.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.9.04.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.5-4ubuntu1.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/racoon_0.6.7-1.1ubuntu1.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/racoon_0.6.7-1.1ubuntu1.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.9.04.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.8.10.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.8.10.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.9.04.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/racoon_0.6.7-1.1ubuntu1.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.5-4ubuntu1.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.8.10.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.9.04.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.7-1.1ubuntu1.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/ipsec-tools_0.6.7-1.1ubuntu1.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.5-4ubuntu1.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/racoon_0.6.5-4ubuntu1.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.7-1.1ubuntu1.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.9.04.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.8.10.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/racoon_0.6.5-4ubuntu1.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.8.10.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.5.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.5-4ubuntu1.3.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.5-4ubuntu1.3.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/racoon_0.6.5-4ubuntu1.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/racoon_0.6.7-1.1ubuntu1.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.8.10.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.8.10.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.9.04.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.9.04.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/racoon_0.6.5-4ubuntu1.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.8.10.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.7-1.1ubuntu1.2.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.5-4ubuntu1.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.8.10.1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/ipsec-tools_0.6.7-1.1ubuntu1.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.9.04.1.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.7.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.9.04.1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.8.10.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.7.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.9.04.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/racoon_0.6.7-1.1ubuntu1.2_powerpc.deb"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2009-1574"
          },
          {
            "db": "BID",
            "id": "34765"
          },
          {
            "db": "PACKETSTORM",
            "id": "96766"
          },
          {
            "db": "PACKETSTORM",
            "id": "77778"
          },
          {
            "db": "PACKETSTORM",
            "id": "77702"
          },
          {
            "db": "PACKETSTORM",
            "id": "83402"
          },
          {
            "db": "PACKETSTORM",
            "id": "77498"
          },
          {
            "db": "PACKETSTORM",
            "id": "78176"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200905-078"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-001540"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-1574"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2009-1574",
            "ident": null
          },
          {
            "db": "BID",
            "id": "34765",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "96766",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "77778",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "77702",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "83402",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "77498",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "78176",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200905-078",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-001540",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2009-1574",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2009-05-06T00:00:00",
            "db": "VULMON",
            "id": "CVE-2009-1574",
            "ident": null
          },
          {
            "date": "2009-04-22T00:00:00",
            "db": "BID",
            "id": "34765",
            "ident": null
          },
          {
            "date": "2010-12-17T07:46:59",
            "db": "PACKETSTORM",
            "id": "96766",
            "ident": null
          },
          {
            "date": "2009-05-24T14:34:56",
            "db": "PACKETSTORM",
            "id": "77778",
            "ident": null
          },
          {
            "date": "2009-05-21T06:08:56",
            "db": "PACKETSTORM",
            "id": "77702",
            "ident": null
          },
          {
            "date": "2009-12-03T20:58:37",
            "db": "PACKETSTORM",
            "id": "83402",
            "ident": null
          },
          {
            "date": "2009-05-14T05:17:21",
            "db": "PACKETSTORM",
            "id": "77498",
            "ident": null
          },
          {
            "date": "2009-06-09T18:59:46",
            "db": "PACKETSTORM",
            "id": "78176",
            "ident": null
          },
          {
            "date": "2009-05-06T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200905-078",
            "ident": null
          },
          {
            "date": "2009-06-30T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2009-001540",
            "ident": null
          },
          {
            "date": "2009-05-06T17:30:09.827000",
            "db": "NVD",
            "id": "CVE-2009-1574",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2017-09-29T00:00:00",
            "db": "VULMON",
            "id": "CVE-2009-1574",
            "ident": null
          },
          {
            "date": "2015-03-19T08:23:00",
            "db": "BID",
            "id": "34765",
            "ident": null
          },
          {
            "date": "2009-06-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200905-078",
            "ident": null
          },
          {
            "date": "2011-01-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2009-001540",
            "ident": null
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2009-1574",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "77778"
          },
          {
            "db": "PACKETSTORM",
            "id": "77702"
          },
          {
            "db": "PACKETSTORM",
            "id": "83402"
          },
          {
            "db": "PACKETSTORM",
            "id": "77498"
          },
          {
            "db": "PACKETSTORM",
            "id": "78176"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200905-078"
          }
        ],
        "trust": 1.1
      },
      "title": {
        "_id": null,
        "data": "Ipsec-tools Service disruption in packet processing  (DoS) Vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-001540"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200905-078"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200912-0751

    Vulnerability from variot - Updated: 2026-04-10 23:16

    Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted JPC_MS_RGN marker in the Jp2c stream of a JpxDecode encoded data stream, which triggers an integer sign extension that bypasses a sanity check, leading to memory corruption. The Doc.media.newPlayer method in Adobe Acrobat and Reader contains a use-after-free vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Adobe Reader and Acrobat are prone to a memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code. Failed exploit attempts will likely cause denial-of-service conditions. This issue affects Reader and Acrobat 9.2 and prior versions. NOTE: This issue was previously covered in BID 37667 (Adobe Acrobat and Reader January 2010 Multiple Remote Vulnerabilities), but has been given its own record to better document it. iDefense Security Advisory 01.12.10 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 12, 2010

    I. For more information, please visit following pages:

    http://www.adobe.com/products/reader/ http://www.adobe.com/products/acrobat/

    II.

    The vulnerability occurs when processing the Jp2c stream of a JpxDecode encoded data stream within a PDF file. During the processing of a JPC_MS_RGN marker, an integer sign extension may cause a bounds check to be bypassed. This results in an exploitable memory corruption vulnerability.

    III. The attacker will have to create a malicious PDF file and convince the victim to open it. This can be accomplished by embedding the PDF file into an IFrame inside of a Web page, which will result in automatic exploitation once the page is viewed. The file could also be e-mailed as an attachment or placed on a file share. In these cases, a user would have to manually open the file to trigger exploitation. If preview is enabled in Windows Explorer, Acrobat will try to generate a preview for PDF files when a folder containing PDF files is accessed, thus triggering the exploitation.

    IV. DETECTION

    iDefense has confirmed the existence of this vulnerability in latest version of Adobe Reader, at the time of testing, version 9.1.0. Previous versions may also be affected.

    Adobe has stated that all 9.2 and below versions, as well as all 8.1.7 and below versions are vulnerable.

    V. WORKAROUND

    None of the following workarounds will prevent exploitation, but they can reduce potential attack vectors and make exploitation more difficult.

    Prevent PDF documents from being opened automatically by the Web browser Disable JavaScript Disable PDFShell extension by removing or renaming the Acrord32info.exe file

    VI. VENDOR RESPONSE

    Adobe has released a patch which addresses this issue. Information about downloadable vendor updates can be found by clicking on the URLs shown.

    http://www.adobe.com/support/security/bulletins/apsb10-02.html

    VII. CVE INFORMATION

    The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2009-3955 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org/), which standardizes names for security problems.

    VIII. DISCLOSURE TIMELINE

    08/06/2009 Initial Contact 08/06/2009 Initial Response 09/16/2009 Vendor requested POC. iDefense sent POC. 09/17/2009 Vendor response. 01/12/2010 Coordinated public disclosure.

    IX. CREDIT

    This vulnerability was reported to iDefense by Code Audit Labs http://www.vulnhunt.com.

    Get paid for vulnerability research http://labs.idefense.com/methodology/vulnerability/vcp.php

    Free tools, research and upcoming events http://labs.idefense.com/

    X. LEGAL NOTICES

    Copyright \xa9 2010 iDefense, Inc.

    Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDefense. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please e-mail customerservice@idefense.com for permission.

    Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information. ----------------------------------------------------------------------

    Do you have VARM strategy implemented?

    (Vulnerability Assessment Remediation Management)

    If not, then implement it through the most reliable vulnerability intelligence source on the market.

    Implement it through Secunia.

    For more information visit: http://secunia.com/advisories/business_solutions/

    Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com


    TITLE: Adobe Reader/Acrobat Code Execution Vulnerability

    SECUNIA ADVISORY ID: SA37690

    VERIFY ADVISORY: http://secunia.com/advisories/37690/

    DESCRIPTION: A vulnerability has been reported in Adobe Reader and Acrobat, which can be exploited by malicious people to compromise a user's system.

    NOTE: This vulnerability is currently being actively exploited.

    SOLUTION: Do not open untrusted PDF files.

    Do not visit untrusted websites or follow untrusted links.

    PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.

    ORIGINAL ADVISORY: http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "4.0.5c"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "4.0.5a"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "5.0.10"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "3.02"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "4.0.5"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "4.5"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "3.01"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "7.0.9"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.8"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1.2"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1.2"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0.6"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.1"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0.5"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.6"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.4"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1.1"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.5"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "4.0.5a"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.2"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1.3"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.8"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0.11"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0.6"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.5"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.6"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1.2"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.1"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.4"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0.5"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.7"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.6"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.3"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.4"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.5"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.9"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.2"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.2"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1.3"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "4.0.5c"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.2"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1.3"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.5"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.6"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.1"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.4"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.5"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.7"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "4.0.5"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.7"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0.10"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.3"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.3"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.3"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.4"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.2"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.2"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1.2"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1.3"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.6"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0.9"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.7"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.1.1"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.5"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1.4"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.4"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1.1"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.3"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "5.0.7"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "adobe",
            "version": null
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "enterprise linux extras",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 extras"
          },
          {
            "_id": null,
            "model": "enterprise linux extras",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 extras"
          },
          {
            "_id": null,
            "model": "enterprise linux extras",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4.8.z extras"
          },
          {
            "_id": null,
            "model": "rhel desktop supplementary",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (client)"
          },
          {
            "_id": null,
            "model": "rhel supplementary",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (server)"
          },
          {
            "_id": null,
            "model": "rhel supplementary eus",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5.4.z (server)"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "linux enterprise sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux enterprise sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.2"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "enterprise linux ws extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux ws extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "enterprise linux extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "enterprise linux es extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux es extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "enterprise linux as extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux as extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "desktop extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "desktop extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "hat enterprise linux supplementary server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop supplementary client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "networks self-service speech server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "networks self-service peri application",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "networks self-service mps",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "5000"
          },
          {
            "_id": null,
            "model": "networks self-service mps",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "10000"
          },
          {
            "_id": null,
            "model": "networks self-service media processing server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "nortel",
            "version": "0"
          },
          {
            "_id": null,
            "model": "networks callpilot 703t",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "networks callpilot 600r",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "networks callpilot 201i",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "networks callpilot 200i",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "networks callpilot 1005r",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "networks callpilot 1002rp",
            "scope": null,
            "trust": 0.3,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.3"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.2"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.7"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.6"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.5"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.4"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.3"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.2"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.1"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "7.0.9"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.3"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.2"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.7"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.6"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.4"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.3"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.2"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.1"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.3"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.2"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.7"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.6"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.4"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.3"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.2"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1.1"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#508357"
          },
          {
            "db": "BID",
            "id": "37757"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-089"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001016"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3955"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:adobe:acrobat",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:acrobat_reader",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:enterprise_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001016"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Code Audit Labs\u203bhttp://www.vulnhunt.com",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-089"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2009-3955",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2009-3955",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-41401",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2009-3955",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#508357",
                "trust": 0.8,
                "value": "65.84"
              },
              {
                "author": "NVD",
                "id": "CVE-2009-3955",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201001-089",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-41401",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#508357"
          },
          {
            "db": "VULHUB",
            "id": "VHN-41401"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-089"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001016"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3955"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted JPC_MS_RGN marker in the Jp2c stream of a JpxDecode encoded data stream, which triggers an integer sign extension that bypasses a sanity check, leading to memory corruption. The Doc.media.newPlayer method in Adobe Acrobat and Reader contains a use-after-free vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Adobe Reader and Acrobat are prone to a memory-corruption vulnerability. \nAn attacker can exploit this issue to execute arbitrary code. Failed exploit attempts will likely cause denial-of-service conditions. \nThis issue affects Reader and Acrobat 9.2 and prior versions. \nNOTE: This issue was previously covered in BID 37667 (Adobe Acrobat and Reader January 2010 Multiple Remote Vulnerabilities), but has been given its own record to better document it. iDefense Security Advisory 01.12.10\nhttp://labs.idefense.com/intelligence/vulnerabilities/\nJan 12, 2010\n\nI. For more information, please visit following pages:\n\nhttp://www.adobe.com/products/reader/\nhttp://www.adobe.com/products/acrobat/\n\nII. \n\nThe vulnerability occurs when processing the Jp2c stream of a JpxDecode\nencoded data stream within a PDF file. During the processing of a\nJPC_MS_RGN marker, an integer sign extension may cause a bounds check\nto be bypassed. This results in an exploitable memory corruption\nvulnerability. \n\nIII. The\nattacker will have to create a malicious PDF file and convince the\nvictim to open it. This can be accomplished by embedding the PDF file\ninto an IFrame inside of a Web page, which will result in automatic\nexploitation once the page is viewed. The file could also be e-mailed\nas an attachment or placed on a file share. In these cases, a user\nwould have to manually open the file to trigger exploitation. If\npreview is enabled in Windows Explorer, Acrobat will try to generate a\npreview for PDF files when a folder containing PDF files is accessed,\nthus triggering the exploitation. \n\nIV. DETECTION\n\niDefense has confirmed the existence of this vulnerability in latest\nversion of Adobe Reader, at the time of testing, version 9.1.0. \nPrevious versions may also be affected. \n\nAdobe has stated that all 9.2 and below versions, as well as all 8.1.7\nand below versions are vulnerable. \n\nV. WORKAROUND\n\nNone of the following workarounds will prevent exploitation, but they\ncan reduce potential attack vectors and make exploitation more\ndifficult. \n\nPrevent PDF documents from being opened automatically by the Web browser\nDisable JavaScript\nDisable PDFShell extension by removing or renaming the Acrord32info.exe file\n\nVI. VENDOR RESPONSE\n\nAdobe has released a patch which addresses this issue. Information about\ndownloadable vendor updates can be found by clicking on the URLs shown. \n\nhttp://www.adobe.com/support/security/bulletins/apsb10-02.html\n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nname CVE-2009-3955 to this issue. This is a candidate for inclusion in\nthe CVE list (http://cve.mitre.org/), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n08/06/2009  Initial Contact\n08/06/2009  Initial Response\n09/16/2009  Vendor requested POC. iDefense sent POC. \n09/17/2009  Vendor response. \n01/12/2010  Coordinated public disclosure. \n\nIX. CREDIT\n\nThis vulnerability was reported to iDefense by \tCode Audit Labs\nhttp://www.vulnhunt.com. \n\nGet paid for vulnerability research\nhttp://labs.idefense.com/methodology/vulnerability/vcp.php\n\nFree tools, research and upcoming events\nhttp://labs.idefense.com/\n\nX. LEGAL NOTICES\n\nCopyright \\xa9 2010 iDefense, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDefense. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically,\nplease e-mail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \n There are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct,\nindirect, or consequential loss or damage arising from use of, or\nreliance on, this information. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management)  \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Reader/Acrobat Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA37690\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/37690/\n\nDESCRIPTION:\nA vulnerability has been reported in Adobe Reader and Acrobat, which\ncan be exploited by malicious people to compromise a user\u0027s system. \n\nNOTE: This vulnerability is currently being actively exploited. \n\nSOLUTION:\nDo not open untrusted PDF files. \n\nDo not visit untrusted websites or follow untrusted links. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a 0-day. \n\nORIGINAL ADVISORY:\nhttp://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2009-3955"
          },
          {
            "db": "CERT/CC",
            "id": "VU#508357"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001016"
          },
          {
            "db": "BID",
            "id": "37757"
          },
          {
            "db": "VULHUB",
            "id": "VHN-41401"
          },
          {
            "db": "PACKETSTORM",
            "id": "85088"
          },
          {
            "db": "PACKETSTORM",
            "id": "83870"
          }
        ],
        "trust": 2.88
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-41401",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-41401"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2009-3955",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "37757",
            "trust": 2.8
          },
          {
            "db": "VUPEN",
            "id": "ADV-2010-0103",
            "trust": 2.5
          },
          {
            "db": "SECTRACK",
            "id": "1023446",
            "trust": 2.5
          },
          {
            "db": "USCERT",
            "id": "TA10-013A",
            "trust": 2.5
          },
          {
            "db": "XF",
            "id": "55553",
            "trust": 1.4
          },
          {
            "db": "SECUNIA",
            "id": "38215",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "38138",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "37690",
            "trust": 0.9
          },
          {
            "db": "OSVDB",
            "id": "60980",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#508357",
            "trust": 0.8
          },
          {
            "db": "USCERT",
            "id": "SA10-013A",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001016",
            "trust": 0.8
          },
          {
            "db": "IDEFENSE",
            "id": "20100113 ADOBE READER AND ACROBAT JPXDECODE MEMORY CORRUPTION VULNERABILITY",
            "trust": 0.6
          },
          {
            "db": "CERT/CC",
            "id": "TA10-013A",
            "trust": 0.6
          },
          {
            "db": "SUSE",
            "id": "SUSE-SA:2010:008",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "14341",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-089",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "85088",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-41401",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "83870",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#508357"
          },
          {
            "db": "VULHUB",
            "id": "VHN-41401"
          },
          {
            "db": "BID",
            "id": "37757"
          },
          {
            "db": "PACKETSTORM",
            "id": "85088"
          },
          {
            "db": "PACKETSTORM",
            "id": "83870"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-089"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001016"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3955"
          }
        ]
      },
      "id": "VAR-200912-0751",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-41401"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T23:16:47.736000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "APSB10-02",
            "trust": 0.8,
            "url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
          },
          {
            "title": "APSB10-02",
            "trust": 0.8,
            "url": "http://www.adobe.com/jp/support/security/bulletins/apsb10-02.html"
          },
          {
            "title": "RHSA-2010:0037",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2010-0037.html"
          },
          {
            "title": "RHSA-2010:0038",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2010-0038.html"
          },
          {
            "title": "RHSA-2010:0060",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2010-0060.html"
          },
          {
            "title": "TA10-013A",
            "trust": 0.8,
            "url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta10-013a.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001016"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-399",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-41401"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001016"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3955"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.5,
            "url": "http://www.securityfocus.com/bid/37757"
          },
          {
            "trust": 2.5,
            "url": "http://www.us-cert.gov/cas/techalerts/ta10-013a.html"
          },
          {
            "trust": 2.5,
            "url": "http://www.securitytracker.com/id?1023446"
          },
          {
            "trust": 2.5,
            "url": "http://www.vupen.com/english/advisories/2010/0103"
          },
          {
            "trust": 2.1,
            "url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
          },
          {
            "trust": 2.0,
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=836"
          },
          {
            "trust": 1.7,
            "url": "http://blogs.adobe.com/psirt/2009/12/new_adobe_reader_and_acrobat_v.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html"
          },
          {
            "trust": 1.4,
            "url": "http://xforce.iss.net/xforce/xfdb/55553"
          },
          {
            "trust": 1.1,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=554293"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a8255"
          },
          {
            "trust": 1.1,
            "url": "http://www.redhat.com/support/errata/rhsa-2010-0060.html"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/38138"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/38215"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55553"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/37690/"
          },
          {
            "trust": 0.8,
            "url": "http://www.adobe.com/support/security/advisories/apsa09-07.html"
          },
          {
            "trust": 0.8,
            "url": "http://kb2.adobe.com/cps/532/cpsid_53237.html"
          },
          {
            "trust": 0.8,
            "url": "http://osvdb.org/show/osvdb/60980"
          },
          {
            "trust": 0.8,
            "url": "http://www.symantec.com/connect/blogs/zero-day-xmas-present"
          },
          {
            "trust": 0.8,
            "url": "http://voices.washingtonpost.com/securityfix/2009/12/hackers_target_unpatched_adobe.html"
          },
          {
            "trust": 0.8,
            "url": "http://vrt-sourcefire.blogspot.com/2009/12/this-is-what-happens-when-you-try-to-do.html"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3955"
          },
          {
            "trust": 0.8,
            "url": "http://www.ipa.go.jp/security/ciadr/vul/20100113-adobe.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.jpcert.or.jp/at/2010/at100003.txt"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta10-013a/"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/tr/jvntr-2010-03/"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3955"
          },
          {
            "trust": 0.8,
            "url": "http://www.us-cert.gov/cas/alerts/sa10-013a.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.npa.go.jp/cyberpolice/index.html#topics"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/14341"
          },
          {
            "trust": 0.3,
            "url": "http://www.adobe.com"
          },
          {
            "trust": 0.3,
            "url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=991610"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3955"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/),"
          },
          {
            "trust": 0.1,
            "url": "http://www.adobe.com/products/reader/"
          },
          {
            "trust": 0.1,
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/"
          },
          {
            "trust": 0.1,
            "url": "http://www.vulnhunt.com."
          },
          {
            "trust": 0.1,
            "url": "http://labs.idefense.com/methodology/vulnerability/vcp.php"
          },
          {
            "trust": 0.1,
            "url": "http://labs.idefense.com/"
          },
          {
            "trust": 0.1,
            "url": "http://www.adobe.com/products/acrobat/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/business_solutions/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#508357"
          },
          {
            "db": "VULHUB",
            "id": "VHN-41401"
          },
          {
            "db": "BID",
            "id": "37757"
          },
          {
            "db": "PACKETSTORM",
            "id": "85088"
          },
          {
            "db": "PACKETSTORM",
            "id": "83870"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-089"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001016"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3955"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#508357",
            "ident": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-41401",
            "ident": null
          },
          {
            "db": "BID",
            "id": "37757",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "85088",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "83870",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-089",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001016",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3955",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2009-12-15T00:00:00",
            "db": "CERT/CC",
            "id": "VU#508357",
            "ident": null
          },
          {
            "date": "2010-01-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-41401",
            "ident": null
          },
          {
            "date": "2010-01-12T00:00:00",
            "db": "BID",
            "id": "37757",
            "ident": null
          },
          {
            "date": "2010-01-14T02:57:07",
            "db": "PACKETSTORM",
            "id": "85088",
            "ident": null
          },
          {
            "date": "2009-12-15T13:39:57",
            "db": "PACKETSTORM",
            "id": "83870",
            "ident": null
          },
          {
            "date": "2010-01-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201001-089",
            "ident": null
          },
          {
            "date": "2010-02-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-001016",
            "ident": null
          },
          {
            "date": "2010-01-13T19:30:00.483000",
            "db": "NVD",
            "id": "CVE-2009-3955",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2010-06-18T00:00:00",
            "db": "CERT/CC",
            "id": "VU#508357",
            "ident": null
          },
          {
            "date": "2018-10-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-41401",
            "ident": null
          },
          {
            "date": "2015-03-19T09:27:00",
            "db": "BID",
            "id": "37757",
            "ident": null
          },
          {
            "date": "2011-07-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201001-089",
            "ident": null
          },
          {
            "date": "2010-02-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-001016",
            "ident": null
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2009-3955",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "85088"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-089"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "_id": null,
        "data": "Adobe Reader and Acrobat JpxDecode Memory Corruption Vulnerability",
        "sources": [
          {
            "db": "BID",
            "id": "37757"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-089"
          }
        ],
        "trust": 0.9
      },
      "type": {
        "_id": null,
        "data": "resource management error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201001-089"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200605-0497

    Vulnerability from variot - Updated: 2026-04-10 23:16

    RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce RIPv2 authentication requirements, which allows remote attackers to modify routing state via RIPv1 RESPONSE packets. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ Quagga , GNU Zebra Is TCP/IP A collection of daemons that support base routing related protocols. Out of them RIP , BGP As a daemon that handles the protocol RIPd , bgpd Is included. Quagga , GNU Zebra Has several security issues: 1) RIPd The daemon RIPv2 Even if the setting is valid only, regardless of the presence or absence of authentication RIPv1 There is a problem that responds to the request. (CVE-2006-2223) If exploited by a remote attacker, SEND UPDATE Such as REQUEST Routing information may be obtained illegally by using packets. 2) RIPd The daemon RIPv2 Despite being enabled for authentication, RIPv1 There is a problem of accepting packets without authentication. 3) bgpd Daemon community_str2com() There are deficiencies in the function, Telnet From the management interface show ip bgp If you execute the command, you will end up in an infinite loop CPU There is a problem that consumes resources. (CVE-2006-2276) If exploited by a local attacker, the target system can eventually become unserviceable.Please refer to the “Overview” for the impact of this vulnerability. Quagga is susceptible to remote information-disclosure and route-injection vulnerabilities. The application fails to properly ensure that required authentication and protocol configuration options are enforced. These issues allow remote attackers to gain access to potentially sensitive network-routing configuration information and to inject arbitrary routes into the RIP routing table. This may aid malicious users in further attacks against targeted networks. Quagga versions 0.98.5 and 0.99.3 are vulnerable to these issues; other versions may also be affected. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


    Debian Security Advisory DSA 1059-1 security@debian.org http://www.debian.org/security/ Martin Schulze May 19th, 2006 http://www.debian.org/security/faq


    Package : quagga Vulnerability : several Problem type : remote Debian-specific: no CVE IDs : CVE-2006-2223 CVE-2006-2224 CVE-2006-2276 BugTraq ID : 17808 Debian Bugs : 365940 366980

    Konstantin Gavrilenko discovered several vulnerabilities in quagga, the BGP/OSPF/RIP routing daemon.

    CVE-2006-2276

    Fredrik Widell discovered that local users are can cause a denial
    of service ia a certain sh ip bgp command entered in the telnet
    interface.
    

    The old stable distribution (woody) does not contain quagga packages.

    For the stable distribution (sarge) these problems have been fixed in version 0.98.3-7.2.

    For the unstable distribution (sid) these problems have been fixed in version 0.99.4-1.

    We recommend that you upgrade your quagga package.

    Upgrade Instructions


    wget url will fetch the file for you dpkg -i file.deb will install the referenced file.

    If you are using the apt-get package manager, use the line for sources.list as given at the end of this advisory:

    apt-get update will update the internal database apt-get upgrade will install corrected packages

    You may use an automated update by adding the resources from the footer to the proper configuration.

    Debian GNU/Linux 3.1 alias sarge


    Source archives:

    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2.dsc
      Size/MD5 checksum:      725 e985734e8ee31a87ff96f9c9b7291fa5
    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2.diff.gz
      Size/MD5 checksum:    43801 fe5b28230c268fe7ab141453a82c473c
    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3.orig.tar.gz
      Size/MD5 checksum:  2118348 68be5e911e4d604c0f5959338263356e
    

    Architecture independent components:

    http://security.debian.org/pool/updates/main/q/quagga/quagga-doc_0.98.3-7.2_all.deb
      Size/MD5 checksum:   488700 c79865480dfe140b106d39111b5379ba
    

    Alpha architecture:

    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_alpha.deb
      Size/MD5 checksum:  1611704 c44bc78a27990ca9d77fe4529c04e42a
    

    AMD64 architecture:

    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_amd64.deb
      Size/MD5 checksum:  1412990 7ab17ec568d3f0e2122677e81db5a2e2
    

    ARM architecture:

    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_arm.deb
      Size/MD5 checksum:  1290442 9a5d285ffe43d8b05c470147c48357d5
    

    Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_i386.deb
      Size/MD5 checksum:  1191426 a0438042e1935582b66a44f17e62b40b
    

    Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_ia64.deb
      Size/MD5 checksum:  1829114 9e6e40afc51734c572de0f4e6e2d6519
    

    HP Precision architecture:

    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_hppa.deb
      Size/MD5 checksum:  1447726 4f6d058646cd78f86994eee61359df22
    

    Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_m68k.deb
      Size/MD5 checksum:  1159670 1438a6da0f5c0672075438df92e82695
    

    Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_mips.deb
      Size/MD5 checksum:  1352522 567e463657f21ec64870c1a243012b49
    

    Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_mipsel.deb
      Size/MD5 checksum:  1355460 3dec77ae54b897882091bb5501b349c7
    

    PowerPC architecture:

    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_powerpc.deb
      Size/MD5 checksum:  1316776 adaa0828d830d7145236ee2f216fe46d
    

    IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_s390.deb
      Size/MD5 checksum:  1401616 41b91f2eb90d26b1482696681552d9cb
    

    Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_sparc.deb
      Size/MD5 checksum:  1287378 3b1624ec028e9f7944edd3fc396b0778
    

    These files will probably be moved into the stable distribution on its next update.


    For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/

    -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux)

    iD8DBQFEbehrW5ql+IAeqTIRAu1bAJ0YQwvwCvugopyXVBCit2SwrYl+SACdF09d ELcxVZUFQP8s43SsJQ3mlqo= =Niwk -----END PGP SIGNATURE-----

    . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200605-15


                                            http://security.gentoo.org/
    

    Severity: Normal Title: Quagga Routing Suite: Multiple vulnerabilities Date: May 21, 2006 Bugs: #132353 ID: 200605-15


    Synopsis

    Quagga's RIP daemon allows the injection of routes and the disclosure of routing information. The BGP daemon is vulnerable to a Denial of Service.

    Background

    The Quagga Routing Suite implements three major routing protocols: RIP (v1/v2/v3), OSPF (v2/v3) and BGP4.

    Affected packages

    -------------------------------------------------------------------
     Package          /   Vulnerable   /                    Unaffected
    -------------------------------------------------------------------
    

    1 net-misc/quagga < 0.98.6-r1 >= 0.98.6-r1

    Description

    Konstantin V. Gavrilenko discovered two flaws in the Routing Information Protocol (RIP) daemon that allow the processing of RIP v1 packets (carrying no authentication) even when the daemon is configured to use MD5 authentication or, in another case, even if RIP v1 is completely disabled.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Quagga users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-misc/quagga-0.98.6-r1"
    

    References

    [ 1 ] CVE-2006-2223 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2223 [ 2 ] CVE-2006-2224 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2224 [ 3 ] CVE-2006-2276 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2276 [ 4 ] Official release information http://www.quagga.net/news2.php?y=2006&m=5&d=8#id1147115280

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-200605-15.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

    License

    Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "routing software suite",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "quagga",
            "version": "0.98.5"
          },
          {
            "_id": null,
            "model": "routing software suite",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "quagga",
            "version": "0.96.3"
          },
          {
            "_id": null,
            "model": "routing software suite",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "quagga",
            "version": "0.95"
          },
          {
            "_id": null,
            "model": "routing software suite",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "quagga",
            "version": "0.96.2"
          },
          {
            "_id": null,
            "model": "routing software suite",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "quagga",
            "version": "0.99.3"
          },
          {
            "_id": null,
            "model": "routing software suite",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "quagga",
            "version": "0.99.3"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "4.0 (x86-64)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "2.1 (as)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (as)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (es)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (as)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (es)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (ws)"
          },
          {
            "_id": null,
            "model": "routing software suite quagga",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "quagga",
            "version": "0.95"
          },
          {
            "_id": null,
            "model": "routing software suite quagga",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "quagga",
            "version": "0.96.2"
          },
          {
            "_id": null,
            "model": "routing software suite quagga",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "quagga",
            "version": "0.96.3"
          },
          {
            "_id": null,
            "model": "routing software suite quagga",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "quagga",
            "version": "0.98.5"
          },
          {
            "_id": null,
            "model": "routing software suite quagga",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "quagga",
            "version": "0.99.3"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "_id": null,
            "model": "secure linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "9"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "propack sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sgi",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "unitedlinux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "suse linux standard server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "suse linux school server for i386",
            "scope": null,
            "trust": 0.3,
            "vendor": "s u s e",
            "version": null
          },
          {
            "_id": null,
            "model": "suse linux retail solution",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "suse linux openexchange server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "suse linux open-xchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "open-enterprise-server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "open-enterprise-server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1"
          },
          {
            "_id": null,
            "model": "office server",
            "scope": null,
            "trust": 0.3,
            "vendor": "s u s e",
            "version": null
          },
          {
            "_id": null,
            "model": "novell linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "novell linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "linux professional oss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "linux professional x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "linux professional x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "linux professional x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "linux personal oss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "linux personal x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "linux personal x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "linux personal x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "linux enterprise server for s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "linux enterprise server for s/390",
            "scope": null,
            "trust": 0.3,
            "vendor": "s u s e",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "advanced workstation for the itanium processor ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "advanced workstation for the itanium processor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "hat enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "4"
          },
          {
            "_id": null,
            "model": "hat enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "3"
          },
          {
            "_id": null,
            "model": "hat enterprise linux as ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "hat enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "routing software suite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "quagga",
            "version": "0.97.3"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2006-2925"
          },
          {
            "db": "BID",
            "id": "17808"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200605-090"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000260"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-2224"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000260"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Konstantin V. Gavrilenko discovered these vulnerabilities.",
        "sources": [
          {
            "db": "BID",
            "id": "17808"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200605-090"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2006-2224",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2006-2224",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2006-2925",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2006-2224",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2006-2224",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2006-2925",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200605-090",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2006-2925"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200605-090"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000260"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-2224"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce RIPv2 authentication requirements, which allows remote attackers to modify routing state via RIPv1 RESPONSE packets. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ Quagga , GNU Zebra Is TCP/IP A collection of daemons that support base routing related protocols. Out of them RIP , BGP As a daemon that handles the protocol RIPd , bgpd Is included. Quagga , GNU Zebra Has several security issues: 1) RIPd The daemon RIPv2 Even if the setting is valid only, regardless of the presence or absence of authentication RIPv1 There is a problem that responds to the request. (CVE-2006-2223) If exploited by a remote attacker, SEND UPDATE Such as REQUEST Routing information may be obtained illegally by using packets. 2) RIPd The daemon RIPv2 Despite being enabled for authentication, RIPv1 There is a problem of accepting packets without authentication. 3) bgpd Daemon community_str2com() There are deficiencies in the function, Telnet From the management interface show ip bgp If you execute the command, you will end up in an infinite loop CPU There is a problem that consumes resources. (CVE-2006-2276) If exploited by a local attacker, the target system can eventually become unserviceable.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. Quagga is susceptible to remote information-disclosure and route-injection vulnerabilities. The application fails to properly ensure that required authentication and protocol configuration options are enforced. \nThese issues allow remote attackers to gain access to potentially sensitive network-routing configuration information and to inject arbitrary routes into the RIP routing table. This may aid malicious users in further attacks against targeted networks. \nQuagga versions 0.98.5 and 0.99.3 are vulnerable to these issues; other versions may also be affected. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1059-1                    security@debian.org\nhttp://www.debian.org/security/                             Martin Schulze\nMay 19th, 2006                          http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage        : quagga\nVulnerability  : several\nProblem type   : remote\nDebian-specific: no\nCVE IDs        : CVE-2006-2223 CVE-2006-2224 CVE-2006-2276\nBugTraq ID     : 17808\nDebian Bugs    : 365940 366980\n\nKonstantin Gavrilenko discovered several vulnerabilities in quagga,\nthe BGP/OSPF/RIP routing daemon. \n\nCVE-2006-2276\n\n    Fredrik Widell discovered that local users are can cause a denial\n    of service ia a certain sh ip bgp command entered in the telnet\n    interface. \n\nThe old stable distribution (woody) does not contain quagga packages. \n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 0.98.3-7.2. \n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 0.99.4-1. \n\nWe recommend that you upgrade your quagga package. \n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n        will fetch the file for you\ndpkg -i file.deb\n        will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given at the end of this advisory:\n\napt-get update\n        will update the internal database\napt-get upgrade\n        will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n  Source archives:\n\n    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2.dsc\n      Size/MD5 checksum:      725 e985734e8ee31a87ff96f9c9b7291fa5\n    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2.diff.gz\n      Size/MD5 checksum:    43801 fe5b28230c268fe7ab141453a82c473c\n    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3.orig.tar.gz\n      Size/MD5 checksum:  2118348 68be5e911e4d604c0f5959338263356e\n\n  Architecture independent components:\n\n    http://security.debian.org/pool/updates/main/q/quagga/quagga-doc_0.98.3-7.2_all.deb\n      Size/MD5 checksum:   488700 c79865480dfe140b106d39111b5379ba\n\n  Alpha architecture:\n\n    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_alpha.deb\n      Size/MD5 checksum:  1611704 c44bc78a27990ca9d77fe4529c04e42a\n\n  AMD64 architecture:\n\n    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_amd64.deb\n      Size/MD5 checksum:  1412990 7ab17ec568d3f0e2122677e81db5a2e2\n\n  ARM architecture:\n\n    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_arm.deb\n      Size/MD5 checksum:  1290442 9a5d285ffe43d8b05c470147c48357d5\n\n  Intel IA-32 architecture:\n\n    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_i386.deb\n      Size/MD5 checksum:  1191426 a0438042e1935582b66a44f17e62b40b\n\n  Intel IA-64 architecture:\n\n    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_ia64.deb\n      Size/MD5 checksum:  1829114 9e6e40afc51734c572de0f4e6e2d6519\n\n  HP Precision architecture:\n\n    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_hppa.deb\n      Size/MD5 checksum:  1447726 4f6d058646cd78f86994eee61359df22\n\n  Motorola 680x0 architecture:\n\n    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_m68k.deb\n      Size/MD5 checksum:  1159670 1438a6da0f5c0672075438df92e82695\n\n  Big endian MIPS architecture:\n\n    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_mips.deb\n      Size/MD5 checksum:  1352522 567e463657f21ec64870c1a243012b49\n\n  Little endian MIPS architecture:\n\n    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_mipsel.deb\n      Size/MD5 checksum:  1355460 3dec77ae54b897882091bb5501b349c7\n\n  PowerPC architecture:\n\n    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_powerpc.deb\n      Size/MD5 checksum:  1316776 adaa0828d830d7145236ee2f216fe46d\n\n  IBM S/390 architecture:\n\n    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_s390.deb\n      Size/MD5 checksum:  1401616 41b91f2eb90d26b1482696681552d9cb\n\n  Sun Sparc architecture:\n\n    http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_sparc.deb\n      Size/MD5 checksum:  1287378 3b1624ec028e9f7944edd3fc396b0778\n\n\n  These files will probably be moved into the stable distribution on\n  its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.3 (GNU/Linux)\n\niD8DBQFEbehrW5ql+IAeqTIRAu1bAJ0YQwvwCvugopyXVBCit2SwrYl+SACdF09d\nELcxVZUFQP8s43SsJQ3mlqo=\n=Niwk\n-----END PGP SIGNATURE-----\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 200605-15\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n  Severity: Normal\n     Title: Quagga Routing Suite: Multiple vulnerabilities\n      Date: May 21, 2006\n      Bugs: #132353\n        ID: 200605-15\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nQuagga\u0027s RIP daemon allows the injection of routes and the disclosure\nof routing information. The BGP daemon is vulnerable to a Denial of\nService. \n\nBackground\n==========\n\nThe Quagga Routing Suite implements three major routing protocols: RIP\n(v1/v2/v3), OSPF (v2/v3) and BGP4. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package          /   Vulnerable   /                    Unaffected\n    -------------------------------------------------------------------\n  1  net-misc/quagga      \u003c 0.98.6-r1                     \u003e= 0.98.6-r1\n\nDescription\n===========\n\nKonstantin V. Gavrilenko discovered two flaws in the Routing\nInformation Protocol (RIP) daemon that allow the processing of RIP v1\npackets (carrying no authentication) even when the daemon is configured\nto use MD5 authentication or, in another case, even if RIP v1 is\ncompletely disabled. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Quagga users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask --oneshot --verbose \"\u003e=net-misc/quagga-0.98.6-r1\"\n\nReferences\n==========\n\n  [ 1 ] CVE-2006-2223\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2223\n  [ 2 ] CVE-2006-2224\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2224\n  [ 3 ] CVE-2006-2276\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2276\n  [ 4 ] Official release information\n        http://www.quagga.net/news2.php?y=2006\u0026m=5\u0026d=8#id1147115280\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n  http://security.gentoo.org/glsa/glsa-200605-15.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2006-2224"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000260"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2006-2925"
          },
          {
            "db": "BID",
            "id": "17808"
          },
          {
            "db": "PACKETSTORM",
            "id": "46498"
          },
          {
            "db": "PACKETSTORM",
            "id": "46526"
          }
        ],
        "trust": 2.61
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2006-2224",
            "trust": 3.5
          },
          {
            "db": "BID",
            "id": "17808",
            "trust": 3.3
          },
          {
            "db": "SECUNIA",
            "id": "19910",
            "trust": 2.4
          },
          {
            "db": "SECTRACK",
            "id": "1016204",
            "trust": 1.6
          },
          {
            "db": "SECUNIA",
            "id": "20221",
            "trust": 1.6
          },
          {
            "db": "SECUNIA",
            "id": "20137",
            "trust": 1.6
          },
          {
            "db": "SECUNIA",
            "id": "21159",
            "trust": 1.6
          },
          {
            "db": "SECUNIA",
            "id": "20421",
            "trust": 1.6
          },
          {
            "db": "SECUNIA",
            "id": "20782",
            "trust": 1.6
          },
          {
            "db": "SECUNIA",
            "id": "20138",
            "trust": 1.6
          },
          {
            "db": "SECUNIA",
            "id": "20420",
            "trust": 1.6
          },
          {
            "db": "OSVDB",
            "id": "25225",
            "trust": 1.6
          },
          {
            "db": "BID",
            "id": "17979",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "20116",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000260",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2006-2925",
            "trust": 0.6
          },
          {
            "db": "UBUNTU",
            "id": "USN-284-1",
            "trust": 0.6
          },
          {
            "db": "SUSE",
            "id": "SUSE-SR:2006:017",
            "trust": 0.6
          },
          {
            "db": "XF",
            "id": "1",
            "trust": 0.6
          },
          {
            "db": "XF",
            "id": "26251",
            "trust": 0.6
          },
          {
            "db": "GENTOO",
            "id": "GLSA-200605-15",
            "trust": 0.6
          },
          {
            "db": "REDHAT",
            "id": "RHSA-2006:0525",
            "trust": 0.6
          },
          {
            "db": "REDHAT",
            "id": "RHSA-2006:0533",
            "trust": 0.6
          },
          {
            "db": "DEBIAN",
            "id": "DSA-1059",
            "trust": 0.6
          },
          {
            "db": "BUGTRAQ",
            "id": "20060503 RE: QUAGGA RIPD UNAUTHENTICATED ROUTE INJECTION",
            "trust": 0.6
          },
          {
            "db": "BUGTRAQ",
            "id": "20060503 QUAGGA RIPD UNAUTHENTICATED ROUTE INJECTION",
            "trust": 0.6
          },
          {
            "db": "SGI",
            "id": "20060602-01-U",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200605-090",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "46498",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "46526",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2006-2925"
          },
          {
            "db": "BID",
            "id": "17808"
          },
          {
            "db": "PACKETSTORM",
            "id": "46498"
          },
          {
            "db": "PACKETSTORM",
            "id": "46526"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200605-090"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000260"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-2224"
          }
        ]
      },
      "id": "VAR-200605-0497",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2006-2925"
          }
        ],
        "trust": 0.06
      },
      "iot_taxonomy": {
        "_id": null,
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2006-2925"
          }
        ]
      },
      "last_update_date": "2026-04-10T23:16:45.010000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "quagga",
            "trust": 0.8,
            "url": "http://www.miraclelinux.com/support/update/list.php?errata_id=396"
          },
          {
            "title": "RHSA-2006:0533",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2006-0533.html"
          },
          {
            "title": "RHSA-2006:0525",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2006-0525.html"
          },
          {
            "title": "RHSA-2006:0533",
            "trust": 0.8,
            "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0533J.html"
          },
          {
            "title": "RHSA-2006:0525",
            "trust": 0.8,
            "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0525J.html"
          },
          {
            "title": "Patch for Quagga RIPd Route Injection Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/40797"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2006-2925"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000260"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-287",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2006-2224"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 3.0,
            "url": "http://www.securityfocus.com/bid/17808"
          },
          {
            "trust": 1.9,
            "url": "http://bugzilla.quagga.net/show_bug.cgi?id=262"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/19910"
          },
          {
            "trust": 1.6,
            "url": "http://www.redhat.com/support/errata/rhsa-2006-0533.html"
          },
          {
            "trust": 1.6,
            "url": "http://www.redhat.com/support/errata/rhsa-2006-0525.html"
          },
          {
            "trust": 1.6,
            "url": "http://www.osvdb.org/25225"
          },
          {
            "trust": 1.6,
            "url": "http://www.novell.com/linux/security/advisories/2006_17_sr.html"
          },
          {
            "trust": 1.6,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-15.xml"
          },
          {
            "trust": 1.6,
            "url": "http://www.debian.org/security/2006/dsa-1059"
          },
          {
            "trust": 1.6,
            "url": "http://securitytracker.com/id?1016204"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/21159"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/20782"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/20421"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/20420"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/20221"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/20138"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/20137"
          },
          {
            "trust": 1.6,
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060602-01-u.asc"
          },
          {
            "trust": 1.0,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26251"
          },
          {
            "trust": 1.0,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10775"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/432823/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/432856/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "https://usn.ubuntu.com/284-1/"
          },
          {
            "trust": 0.9,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2224"
          },
          {
            "trust": 0.8,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2006-2224"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/20116/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/19910/"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/17979"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/archive/1/archive/1/432856/100/0/threaded"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/archive/1/archive/1/432823/100/0/threaded"
          },
          {
            "trust": 0.6,
            "url": "http://xforce.iss.net/xforce/xfdb/26251"
          },
          {
            "trust": 0.6,
            "url": "http://www.ubuntulinux.org/support/documentation/usn/usn-284-1"
          },
          {
            "trust": 0.3,
            "url": "http://bugzilla.quagga.net/show_bug.cgi?id=261"
          },
          {
            "trust": 0.3,
            "url": "http://www.quagga.net/"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2006-0525.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2006-0533.html"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/432856"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/432822"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/432823"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2.dsc"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-2224"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga-doc_0.98.3-7.2_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-2223"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-2276"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://packages.debian.org/\u003cpkg\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_m68k.deb"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/quagga/quagga_0.98.3-7.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2223"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-200605-15.xml"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "http://www.quagga.net/news2.php?y=2006\u0026m=5\u0026d=8#id1147115280"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2276"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2006-2925"
          },
          {
            "db": "BID",
            "id": "17808"
          },
          {
            "db": "PACKETSTORM",
            "id": "46498"
          },
          {
            "db": "PACKETSTORM",
            "id": "46526"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200605-090"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000260"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-2224"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2006-2925",
            "ident": null
          },
          {
            "db": "BID",
            "id": "17808",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "46498",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "46526",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200605-090",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2006-000260",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2006-2224",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2006-05-05T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2006-2925",
            "ident": null
          },
          {
            "date": "2006-05-03T00:00:00",
            "db": "BID",
            "id": "17808",
            "ident": null
          },
          {
            "date": "2006-05-22T06:20:21",
            "db": "PACKETSTORM",
            "id": "46498",
            "ident": null
          },
          {
            "date": "2006-05-22T07:26:25",
            "db": "PACKETSTORM",
            "id": "46526",
            "ident": null
          },
          {
            "date": "2006-05-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200605-090",
            "ident": null
          },
          {
            "date": "2007-04-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2006-000260",
            "ident": null
          },
          {
            "date": "2006-05-05T19:02:00",
            "db": "NVD",
            "id": "CVE-2006-2224",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2006-05-05T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2006-2925",
            "ident": null
          },
          {
            "date": "2015-03-19T09:41:00",
            "db": "BID",
            "id": "17808",
            "ident": null
          },
          {
            "date": "2006-05-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200605-090",
            "ident": null
          },
          {
            "date": "2007-04-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2006-000260",
            "ident": null
          },
          {
            "date": "2025-04-03T01:03:51.193000",
            "db": "NVD",
            "id": "CVE-2006-2224",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200605-090"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Quagga RIPd Route Injection Vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2006-2925"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200605-090"
          }
        ],
        "trust": 1.2
      },
      "type": {
        "_id": null,
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200605-090"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200909-0801

    Vulnerability from variot - Updated: 2026-04-10 23:16

    The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command. The Apache 'mod_proxy_ftp' module is prone to a denial-of-service vulnerability because of a NULL-pointer dereference. Successful exploits may allow remote attackers to cause denial-of-service conditions. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed. =========================================================== Ubuntu Security Notice USN-860-1 November 19, 2009 apache2 vulnerabilities CVE-2009-3094, CVE-2009-3095, CVE-2009-3555 ===========================================================

    A security issue affects the following Ubuntu releases:

    Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 Ubuntu 9.10

    This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

    The problem can be corrected by upgrading your system to the following package versions:

    Ubuntu 6.06 LTS: apache2-common 2.0.55-4ubuntu2.9

    Ubuntu 8.04 LTS: apache2.2-common 2.2.8-1ubuntu0.14

    Ubuntu 8.10: apache2.2-common 2.2.9-7ubuntu3.5

    Ubuntu 9.04: apache2.2-common 2.2.11-2ubuntu2.5

    Ubuntu 9.10: apache2.2-common 2.2.12-1ubuntu2.1

    In general, a standard system upgrade is sufficient to effect the necessary changes.

    Details follow:

    Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. The flaw is with TLS renegotiation and potentially affects any software that supports this feature. Attacks against the HTTPS protocol are known, with the severity of the issue depending on the safeguards used in the web application. Until the TLS protocol and underlying libraries are adjusted to defend against this vulnerability, a partial, temporary workaround has been applied to Apache that disables client initiated TLS renegotiation. This update does not protect against server initiated TLS renegotiation when using SSLVerifyClient and SSLCipherSuite on a per Directory or Location basis. (CVE-2009-3555)

    It was discovered that mod_proxy_ftp in Apache did not properly sanitize its input when processing replies to EPASV and PASV commands. (CVE-2009-3094)

    Another flaw was discovered in mod_proxy_ftp. (CVE-2009-3095)

    Updated packages for Ubuntu 6.06 LTS:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.diff.gz
      Size/MD5:   130638 5d172b0ca228238e211940fad6b0935d
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.dsc
      Size/MD5:     1156 a6d575c4c0ef0ef9c4c77e7f6ddfb02d
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz
      Size/MD5:  6092031 45e32c9432a8e3cf4227f5af91b03622
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.9_all.deb
      Size/MD5:  2125884 643115e9135b9bf626f3a65cfc5f2ed3
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_amd64.deb
      Size/MD5:   834492 818915da9848657833480b1ead6b4a12
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_amd64.deb
      Size/MD5:   229578 9086ac3033e0425ecd150b31b377ee76
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_amd64.deb
      Size/MD5:   224594 85a4480344a072868758c466f6a98747
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_amd64.deb
      Size/MD5:   229128 446b52088b9744fb776e53155403a474
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_amd64.deb
      Size/MD5:   172850 17e4cd95ecb9d0390274fca9625c2e5e
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_amd64.deb
      Size/MD5:   173636 b501407d01fa07e5807c28cd1db16cd7
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_amd64.deb
      Size/MD5:    95454 a06ee30ec14b35003ebcb821624bc2af
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_amd64.deb
      Size/MD5:    37510 4c063b1b8d831ea8a02d5ec691995dec
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_amd64.deb
      Size/MD5:   287048 9cdc7502ebc526d4bc7df9b59a9d8925
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_amd64.deb
      Size/MD5:   145624 4b613a57da2ca57678e8c8f0c1628556
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_i386.deb
      Size/MD5:   787870 67b1855dc984e5296ac9580e2a2f0a0c
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_i386.deb
      Size/MD5:   204122 edf40b0ff5c1824b2d6232da247ce480
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_i386.deb
      Size/MD5:   200060 6267a56fcef78f6300372810ce36ea41
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_i386.deb
      Size/MD5:   203580 c487929bbf45b5a4dc3d035d86f7b3a0
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_i386.deb
      Size/MD5:   172876 bae257127c3d137e407a7db744f3d57a
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_i386.deb
      Size/MD5:   173660 9dd0e108ab4d3382799b29d901bf4502
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_i386.deb
      Size/MD5:    93410 d5d602c75a28873f1cd7523857e0dd80
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_i386.deb
      Size/MD5:    37508 22049e1ea8ea88259ff3f6e94482cfb3
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_i386.deb
      Size/MD5:   263066 43fa2ae3b43c4743c98c45ac22fb0250
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_i386.deb
      Size/MD5:   133484 e70b7f81859cb92e0c50084e92216526
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_powerpc.deb
      Size/MD5:   860622 6d386da8da90d363414846dbc7fa7f08
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_powerpc.deb
      Size/MD5:   221470 8c207b379f7ba646c94759d3e9079dd4
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_powerpc.deb
      Size/MD5:   217132 069cab77278b101c3c4a5b172f36ba9b
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_powerpc.deb
      Size/MD5:   220968 2f6ba65769fc964eb6dfec8a842f7621
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_powerpc.deb
      Size/MD5:   172874 89137c84b5a33f526daf3f8b4c047a7e
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_powerpc.deb
      Size/MD5:   173662 23e576721faccb4aef732cf98e2358d4
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_powerpc.deb
      Size/MD5:   105198 44f9e698567784555db7d7d971b9fce2
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_powerpc.deb
      Size/MD5:    37518 fe7caa2a3cf6d4227ac34692de30635e
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_powerpc.deb
      Size/MD5:   282644 ec0306c04778cf8c8edd622aabb0363c
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_powerpc.deb
      Size/MD5:   142730 d43356422176ca29440f3e0572678093
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_sparc.deb
      Size/MD5:   805078 0f1f6a9b04ad5ce4ea29fd0e44bf18a4
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_sparc.deb
      Size/MD5:   211674 eb19532b9b759c806e9a95a4ffbfad9b
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_sparc.deb
      Size/MD5:   207344 9e5770a4c94cbc4f9bc8cc11a6a038f1
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_sparc.deb
      Size/MD5:   210948 6d1d2357cec5b88c1c2269e5c16724bc
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_sparc.deb
      Size/MD5:   172882 d04dd123def1bc4cfbf2ac0095432eea
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_sparc.deb
      Size/MD5:   173662 6be46bbb9e92224020da49d657cb4cd4
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_sparc.deb
      Size/MD5:    94510 9df6ae07a9218d6159b1eebde5d58606
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_sparc.deb
      Size/MD5:    37506 89856bb1433e67fb23c8d34423d3e0a5
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_sparc.deb
      Size/MD5:   269070 bf585dec777b0306cd80663c11b020df
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_sparc.deb
      Size/MD5:   131466 340eaf2d2c1f129c7676a152776cfcf3
    

    Updated packages for Ubuntu 8.04 LTS:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.diff.gz
      Size/MD5:   141838 37d5c93b425758839cbef5afea5353a2
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.dsc
      Size/MD5:     1381 78c9a13cc2af0dbf3958a3fc98aeea84
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8.orig.tar.gz
      Size/MD5:  6125771 39a755eb0f584c279336387b321e3dfc
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.8-1ubuntu0.14_all.deb
      Size/MD5:  1929318 d4faaf64c2c0af807848ea171a4efa90
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.8-1ubuntu0.14_all.deb
      Size/MD5:    72920 065d63c19b22f0f7a8f7c28952b0b408
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.8-1ubuntu0.14_all.deb
      Size/MD5:  6258048 33c48a093bbb868ea108a50c051437cf
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14_all.deb
      Size/MD5:    45850 07a9463a8e4fdf1a48766d5ad08b9a3c
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_amd64.deb
      Size/MD5:   253080 3c6467ee604002a5b8ebffff8554c568
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_amd64.deb
      Size/MD5:   248676 3c83ce9eb0a27f18b9c3a8c3e651cafa
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_amd64.deb
      Size/MD5:   252490 cf379a515d967d89d2009be9e06d4833
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_amd64.deb
      Size/MD5:   205592 af6cb62114d2e70bf859c32008a66433
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_amd64.deb
      Size/MD5:   206350 9c3d5ef8e55eee98cc3e75f2ed9ffaff
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_amd64.deb
      Size/MD5:   141660 958585d6391847cd5a618464054f7d37
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_amd64.deb
      Size/MD5:   803974 76d23bd94465a2f96711dc1c41b31af0
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_i386.deb
      Size/MD5:   236060 ad4c00dc10b406cc312982b7113fa468
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_i386.deb
      Size/MD5:   231580 07ae6a192e6c859e49d48f2b2158df40
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_i386.deb
      Size/MD5:   235308 18a44bbffcebde8f2d66fe3a6bdbab6d
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_i386.deb
      Size/MD5:   205594 73ec71599d4c8a42a69ac3099b9d50cf
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_i386.deb
      Size/MD5:   206374 c1524e4fa8265e7eaac046b114b8c463
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_i386.deb
      Size/MD5:   140644 379a125b8b5b51ff8033449755ab87b8
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_i386.deb
      Size/MD5:   755574 9de96c8719740c2525e3c0cf7836d60b
    

    lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_lpia.deb
      Size/MD5:   235578 0265d4f6ccee2d7b5ee10cfff48fed08
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_lpia.deb
      Size/MD5:   231234 611499fb33808ecdd232e2c5350f6838
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_lpia.deb
      Size/MD5:   234738 d7757d2da2e542ce0fdad5994be1d8bd
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_lpia.deb
      Size/MD5:   205592 c10ac9eb401184c379b7993b6a62cde3
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_lpia.deb
      Size/MD5:   206358 fc91c0159b096e744c42014e6e5f8909
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_lpia.deb
      Size/MD5:   141212 f87d5f443e5d8e1c3eda6f976b3ceb06
    http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_lpia.deb
      Size/MD5:   749716 86ae389b81b057288ff3c0b69ef68656
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_powerpc.deb
      Size/MD5:   254134 4337f858972022fa196c9a1f9bb724fb
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_powerpc.deb
      Size/MD5:   249596 44a6e21ff8fa81d09dab19cab4caffdb
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_powerpc.deb
      Size/MD5:   253698 f101a1709f21320716d4c9afb356f24f
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_powerpc.deb
      Size/MD5:   205604 3f4d4f6733257a7037e35101ef792352
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_powerpc.deb
      Size/MD5:   206386 06402188459de8dab5279b5bfef768fa
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_powerpc.deb
      Size/MD5:   158390 0acffbdb7e5602b434c4f2805f8dc4d0
    http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_powerpc.deb
      Size/MD5:   906022 28c3e8b63d123a4ca0632b3fed6720b5
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_sparc.deb
      Size/MD5:   237422 5651f53b09c0f36e1333c569980a0eb0
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_sparc.deb
      Size/MD5:   233152 1165607c64c57c84212b6b106254e885
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_sparc.deb
      Size/MD5:   236606 bbe00d0707c279a16eca35258dd8f13a
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_sparc.deb
      Size/MD5:   205598 76afcd4085fa6f39055a5a3f1ef34a43
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_sparc.deb
      Size/MD5:   206372 5c67270e0a19d1558cf17cb21a114833
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_sparc.deb
      Size/MD5:   143838 28e9c3811feeac70b846279e82c23430
    http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_sparc.deb
      Size/MD5:   765398 92c5b054b80b6258a1c4caac8248a40a
    

    Updated packages for Ubuntu 8.10:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.diff.gz
      Size/MD5:   137715 0e8a6128ff37a1c064d4ce881b5d3df9
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.dsc
      Size/MD5:     1788 5e3c3d53b68ea3053bcca3a5e19f5911
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9.orig.tar.gz
      Size/MD5:  6396996 80d3754fc278338033296f0d41ef2c04
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.9-7ubuntu3.5_all.deb
      Size/MD5:  2041786 cd1e98fb2064bad51f7845f203a07d79
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.9-7ubuntu3.5_all.deb
      Size/MD5:  6538578 32e07db65f1e7b3002aedc3afce1748c
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5_all.deb
      Size/MD5:    45474 0f1b4fb499af61a596241bd4f0f4d35d
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_amd64.deb
      Size/MD5:   254968 f2004f847cc5cbc730599352ad1f7dc6
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_amd64.deb
      Size/MD5:   249196 fb001fc4f192e9b8ae1bb7161925413c
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_amd64.deb
      Size/MD5:   254360 419b942bad4cf4d959afcfa3ce4314e2
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_amd64.deb
      Size/MD5:   208524 0d87bf6acbf1ab5dc48c68debe7c0d26
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_amd64.deb
      Size/MD5:    84490 2a4df4b619debe549f48ac3e9e764305
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_amd64.deb
      Size/MD5:    82838 215665711684d5b5dd04cdfa23d36462
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_amd64.deb
      Size/MD5:   209550 496d387e315370c0cd83489db663a356
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_amd64.deb
      Size/MD5:   147762 48061b9015c78b39b7afd834f4c81ae0
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_amd64.deb
      Size/MD5:   820242 3497441009bc9db76a87fd2447ba433c
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_i386.deb
      Size/MD5:   241376 488812d1a311fd67dafd5b18b6813920
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_i386.deb
      Size/MD5:   236082 9256681808703f40e822c81b53f4ce3e
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_i386.deb
      Size/MD5:   240668 2b6b7c11a88ed5a280f603305bee880e
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_i386.deb
      Size/MD5:   208532 e0eccceba6cae5fb12f431ff0283a23e
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_i386.deb
      Size/MD5:    83922 ea5f69f36e344e493cce5d9c0bc69c46
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_i386.deb
      Size/MD5:    82320 0d9b2f9afff4b9efe924b59e9bb039ea
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_i386.deb
      Size/MD5:   209554 f4e53148ae30d5c4f060d455e4f11f95
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_i386.deb
      Size/MD5:   146596 5ed6a4af9378bacfb7d4a034d9923915
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_i386.deb
      Size/MD5:   778564 ffd7752394933004094c13b00113b263
    

    lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_lpia.deb
      Size/MD5:   238358 4955c7d577496ea4f3573345fad028a4
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_lpia.deb
      Size/MD5:   232964 76aecf38baba17a8a968329b818ec74a
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_lpia.deb
      Size/MD5:   237626 83f32bd08e2e206bbdb9f92cfb1a37e5
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_lpia.deb
      Size/MD5:   208528 6672fb116e108687669c89197732fbb0
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_lpia.deb
      Size/MD5:    83870 b8f875f197017aec0fe8203c203065d7
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_lpia.deb
      Size/MD5:    82296 d6724391ed540b351e2b660ba98af1ca
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_lpia.deb
      Size/MD5:   209550 263b43fb11c6d954d5a4bf7839e720a4
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_lpia.deb
      Size/MD5:   146282 a225b8d0f48e141eea28b2369d4595c0
    http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_lpia.deb
      Size/MD5:   766494 454c737e191429c43ad3f28c9e0294a0
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_powerpc.deb
      Size/MD5:   261510 d3e1155682726cc28859156e647d97b3
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_powerpc.deb
      Size/MD5:   256082 e49d894a6e9ab612a3cbd2f189ca3d8d
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_powerpc.deb
      Size/MD5:   260850 bc3cd7677cd630ac00424e73a3a6b343
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_powerpc.deb
      Size/MD5:   208542 ae1cc6b1323832528ad8f0e7130ec87d
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_powerpc.deb
      Size/MD5:    84558 68452b686e89320007e9c5367ce36345
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_powerpc.deb
      Size/MD5:    82908 2b8c5fc4bdec1017735dc16eba41d0a6
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_powerpc.deb
      Size/MD5:   209562 a8da7487e3dcd1bdff008956728b8dd3
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_powerpc.deb
      Size/MD5:   161030 a5ffe07d5e3050c8a54c4fccd3732263
    http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_powerpc.deb
      Size/MD5:   926240 8282583e86e84bd256959540f39a515d
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_sparc.deb
      Size/MD5:   246720 e54b4b9b354001a910ec9027dc90b0d2
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_sparc.deb
      Size/MD5:   241280 1eea25472875056e34cd2c3283c60171
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_sparc.deb
      Size/MD5:   246024 5709e7421814ecfb83fff5804d429971
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_sparc.deb
      Size/MD5:   208528 25cdfd0177da7e5484d3d44f93257863
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_sparc.deb
      Size/MD5:    84096 3ffbacffcc23ffc640a2ce05d35437bf
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_sparc.deb
      Size/MD5:    82470 17d1ca84f9455c492013f4f754a1d365
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_sparc.deb
      Size/MD5:   209546 696ef3652703523aea6208a4e51e48f1
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_sparc.deb
      Size/MD5:   150932 44c89e0249c85eed09b6f3a6a23db59d
    http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_sparc.deb
      Size/MD5:   783902 773a80d7a85a452016da3b10b1f3ae43
    

    Updated packages for Ubuntu 9.04:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.diff.gz
      Size/MD5:   141023 50d6737005a6d4fe601e223a39293f99
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.dsc
      Size/MD5:     1795 59720f4d7ad291c986d92ec120750c3d
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11.orig.tar.gz
      Size/MD5:  6806786 03e0a99a5de0f3f568a0087fb9993af9
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.11-2ubuntu2.5_all.deb
      Size/MD5:  2219326 d29c903489b894ddf88b23a0fec23e5c
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5_all.deb
      Size/MD5:    46636 ee03585b00f277ed98c0de07a683317a
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-src_2.2.11-2ubuntu2.5_all.deb
      Size/MD5:  6948222 a3505a83c13cf36c86248079127dd84d
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_amd64.deb
      Size/MD5:   259028 5e9bddefad4c58c3ef9fd15d7a06988d
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_amd64.deb
      Size/MD5:   253218 ee1bfbb759ffade3a52a6782e2f4b66d
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_amd64.deb
      Size/MD5:   258414 8ef063026de9790bac1965427ce1b584
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_amd64.deb
      Size/MD5:   213294 09701d434bd102e4205e551b4525afd1
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_amd64.deb
      Size/MD5:   214258 e98de48ea01e1132c5f1248a9a018745
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_amd64.deb
      Size/MD5:   151140 2f7c7f14b843b2c24de8c67356406449
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_amd64.deb
      Size/MD5:   826834 28abdf1c7be886e9be2825d351abaec7
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_amd64.deb
      Size/MD5:    87818 670c62615e107920c45893b3377ab2a0
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_amd64.deb
      Size/MD5:    86094 5a7c68fd37066287b4819cba4cfed1f2
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_i386.deb
      Size/MD5:   245538 952540b7679ebc8d3ffc953f32d3be0f
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_i386.deb
      Size/MD5:   240048 08a7fd4888ffd9188890e57c613c4be7
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_i386.deb
      Size/MD5:   244914 955bb5121da808d44aa994386d90723f
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_i386.deb
      Size/MD5:   213308 dd16143608ff8c41cb2d5cd27212a57e
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_i386.deb
      Size/MD5:   214280 1e1f5d6feef40413f823a19126a018e3
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_i386.deb
      Size/MD5:   150046 0769d86d26282d1d31615050ae5b8915
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_i386.deb
      Size/MD5:   784198 8760e9c37147d0472dbbfe941c058829
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_i386.deb
      Size/MD5:    87182 21980cb1035d05f69b857870bbcbc085
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_i386.deb
      Size/MD5:    85572 6a1b8a5e4cb19e815e88335757b06cf3
    

    lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_lpia.deb
      Size/MD5:   242386 859ad63822b7e82c81cd6dcaca088c4a
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_lpia.deb
      Size/MD5:   236924 200538ce94218c9d8af8532636bfd40a
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_lpia.deb
      Size/MD5:   241822 3a3183ea4ee77d2677919d3b698f92a1
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_lpia.deb
      Size/MD5:   213286 bf81273b1db0a4a621085171c2b2b421
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_lpia.deb
      Size/MD5:   214264 ed278dab71289d2baae2ea409382fbf8
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_lpia.deb
      Size/MD5:   149758 75f6e2d7bd1cdfe5b1806062c3c859df
    http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_lpia.deb
      Size/MD5:   773424 c7cdc26051bd9443ae25b73776537fb5
    http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_lpia.deb
      Size/MD5:    87132 32e7ea89c96a0afce7ce1da457d947fb
    http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_lpia.deb
      Size/MD5:    85550 1d9b5963aa6ea5c01492ec417ab8510a
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_powerpc.deb
      Size/MD5:   265476 5d03fe6b2da8de98c876941ff78b066f
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_powerpc.deb
      Size/MD5:   260478 3e3aeaaf496cc86c62a831c59994c1f2
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_powerpc.deb
      Size/MD5:   265154 5eae30e7a33c09b37483f3aab595d0e9
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_powerpc.deb
      Size/MD5:   213314 879534ebabbb8be86b606e1800dc9cf8
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_powerpc.deb
      Size/MD5:   214286 922033231a6aa67ecca1c400d47f09c1
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_powerpc.deb
      Size/MD5:   164444 74faf68f0baeffcd011155ca9b201039
    http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_powerpc.deb
      Size/MD5:   932416 2911758e4ad1b3b401369621301ea76f
    http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_powerpc.deb
      Size/MD5:    87876 1d45c033ec5498c092f30188cf1d481e
    http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_powerpc.deb
      Size/MD5:    86154 52c1d8806d52fef6f43ab53662953953
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_sparc.deb
      Size/MD5:   250786 4e8e98dcba5543394ed5f07d141ce408
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_sparc.deb
      Size/MD5:   245094 a82bf04fc92b8c275b0c0f25cc81ff91
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_sparc.deb
      Size/MD5:   250110 092cf734813ae1d127d7b4f498f936c1
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_sparc.deb
      Size/MD5:   213312 98d7062a6bdb58637f7e850b76bfbc80
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_sparc.deb
      Size/MD5:   214286 a378e2e0418631cec0f398379a446172
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_sparc.deb
      Size/MD5:   154284 ce8b7bbccd359675b70426df15becfed
    http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_sparc.deb
      Size/MD5:   789298 11f088b18425b97367d5bc141da2ef2f
    http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_sparc.deb
      Size/MD5:    87384 477b6594866c8c73a8a3603e7e646c68
    http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_sparc.deb
      Size/MD5:    85686 5562ea5a0e6f01ba12adda3afb65c1b0
    

    Updated packages for Ubuntu 9.10:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.diff.gz
      Size/MD5:   185244 1ef59f9642bd9efa35e0808ea804cd0b
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.dsc
      Size/MD5:     1888 d3bfdecefdd8b1adec8ab35dcf85d2b3
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12.orig.tar.gz
      Size/MD5:  6678149 17f017b571f88aa60abebfe2945d7caf
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.12-1ubuntu2.1_all.deb
      Size/MD5:  2246560 be12bcc117bf165ffd3401486186762e
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.12-1ubuntu2.1_all.deb
      Size/MD5:     2336 009d381342b0be5280835a46c91f01d9
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.12-1ubuntu2.1_all.deb
      Size/MD5:     2374 7545a3750acea08e95bee86f6a3247e2
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.12-1ubuntu2.1_all.deb
      Size/MD5:     2314 17719223d92d46821098ce178b5947d6
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.12-1ubuntu2.1_all.deb
      Size/MD5:   284782 4321e3201d8e8d1a9e3c6fbe6864102b
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1_all.deb
      Size/MD5:     1424 7b4d96008368549d5600a8c1f64a7559
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-mpm-itk_2.2.12-1ubuntu2.1_all.deb
      Size/MD5:     2366 46add3d428c97fa69a8848a3e4025bb0
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_amd64.deb
      Size/MD5:   137080 91e4f72d0f1f0abe91555e1497558fc2
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_amd64.deb
      Size/MD5:   138176 5fd6a5ed536306528f9f2c1a0281ad70
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_amd64.deb
      Size/MD5:   156646 cfa55666363303b3f44a24fa2929bf01
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_amd64.deb
      Size/MD5:  1399630 82b36d57faa29a646e72a1125600c11c
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_amd64.deb
      Size/MD5:    92488 ddebef9d1a537520380f85b63c512bef
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_amd64.deb
      Size/MD5:    90880 c6d163edf145da8ff6d102dc0dd1f8d7
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_i386.deb
      Size/MD5:   137102 69dcd0519ca612e02102f52dcb50bf7f
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_i386.deb
      Size/MD5:   138200 17221b53903d664823a55faa1ec4d9a9
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_i386.deb
      Size/MD5:   155166 4347806710edff47fc051b4a68d5b448
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_i386.deb
      Size/MD5:  1309136 d9a7df212b315fc6f77fc87fa8eb4a04
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_i386.deb
      Size/MD5:    91876 289bf732dd4750a2ce61ab121b04b079
    http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_i386.deb
      Size/MD5:    90316 add7f446f6b524343c0066a486dd299a
    

    lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_lpia.deb
      Size/MD5:   137088 571e9f0370b5687acff25f71c4efe33e
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_lpia.deb
      Size/MD5:   138192 816a6e033f02114553bbb3627b9c6f9c
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_lpia.deb
      Size/MD5:   155090 af8272dc794250c30cd2f66b82486dc2
    http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_lpia.deb
      Size/MD5:  1290606 4c51de07f5a6fe9612de45369e6f35a5
    http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_lpia.deb
      Size/MD5:    91830 06866386df811127f4fd71d6fb2a9e2a
    http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_lpia.deb
      Size/MD5:    90312 9e68bd8111503135a4eae7265b0084ae
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_powerpc.deb
      Size/MD5:   137096 61b24dbeb12d7998e5d7014c26410a99
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_powerpc.deb
      Size/MD5:   138202 599898ff374bde8bfa388e2615064c5a
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_powerpc.deb
      Size/MD5:   161058 fea8f5b9a80bef9c4cb3405bc37160af
    http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_powerpc.deb
      Size/MD5:  1390150 fb1a244728a509586b77d02930fcf10f
    http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_powerpc.deb
      Size/MD5:    92400 572c3b0aa5ab717e8c4e4e8248aff1ff
    http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_powerpc.deb
      Size/MD5:    90774 82011ebc757d31e690698cf9913e3adc
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_sparc.deb
      Size/MD5:   137098 7f566dfade1678c72eac7dd923ab5987
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_sparc.deb
      Size/MD5:   138202 09fbc3145d768cf1f204d47b50e21528
    http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_sparc.deb
      Size/MD5:   159488 7cb6c81588adaee162b8c85a1f69e7a7
    http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_sparc.deb
      Size/MD5:  1297936 106b0b71f5e928c1d543973b5b1f015b
    http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_sparc.deb
      Size/MD5:    92166 28899fe31226880dfa961d8b05e8fa43
    http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_sparc.deb
      Size/MD5:    90554 f207de0099ed259e2af736e8c82f91c2
    

    . Note that this security issue does not really apply as zlib compression is not enabled in the openssl build provided by Mandriva, but apache is patched to address this issue anyway (conserns 2008.1 only).

    Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via wildcards in a pathname in an FTP URI (CVE-2008-2939). Note that this security issue was initially addressed with MDVSA-2008:195 but the patch fixing the issue was added but not applied in 2009.0.

    The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a .htaccess file, and then inserting an exec element in a .shtml file (CVE-2009-1195).

    Fix a potential Denial-of-Service attack against mod_deflate or other modules, by forcing the server to consume CPU time in compressing a large file after a client disconnects (CVE-2009-1891). NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes (CVE-2009-3095).

    Apache is affected by SSL injection or man-in-the-middle attacks due to a design flaw in the SSL and/or TLS protocols. A short term solution was released Sat Nov 07 2009 by the ASF team to mitigate these problems. Apache will now reject in-session renegotiation (CVE-2009-3555).

    Packages for 2008.0 are being provided due to extended support for Corporate products.

    This update provides a solution to these vulnerabilities.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1678 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2


    Updated Packages:

    Mandriva Linux 2008.0: dd2bebdd6726d2d865331d37068a90b7 2008.0/i586/apache-base-2.2.6-8.3mdv2008.0.i586.rpm 6de9d36a91b125cc03bafe911b7a38a2 2008.0/i586/apache-devel-2.2.6-8.3mdv2008.0.i586.rpm ab7963efad1b7951c94a24075a2070e7 2008.0/i586/apache-htcacheclean-2.2.6-8.3mdv2008.0.i586.rpm 42a53b597d5547fb88b7427cacd617a1 2008.0/i586/apache-mod_authn_dbd-2.2.6-8.3mdv2008.0.i586.rpm 1dff9d313e93c94e907d8c72348ed2e0 2008.0/i586/apache-mod_cache-2.2.6-8.3mdv2008.0.i586.rpm b575ede2978ad47e41d355bd8b192725 2008.0/i586/apache-mod_dav-2.2.6-8.3mdv2008.0.i586.rpm 8ff3dee24d2d2d9a8d13e567cf1eaced 2008.0/i586/apache-mod_dbd-2.2.6-8.3mdv2008.0.i586.rpm 7bae541dfec14b21700878514750de83 2008.0/i586/apache-mod_deflate-2.2.6-8.3mdv2008.0.i586.rpm 19cab766a26ce53bd7e7973ed92f0db4 2008.0/i586/apache-mod_disk_cache-2.2.6-8.3mdv2008.0.i586.rpm a1336e4ab4f282c388d7565bde4557fd 2008.0/i586/apache-mod_file_cache-2.2.6-8.3mdv2008.0.i586.rpm 6b2f2eb949977349390fa3b06cf257e7 2008.0/i586/apache-mod_ldap-2.2.6-8.3mdv2008.0.i586.rpm 3640bbef5262ec0407126e31dd5ddde3 2008.0/i586/apache-mod_mem_cache-2.2.6-8.3mdv2008.0.i586.rpm 98793747365606baabc08f22e36a0a04 2008.0/i586/apache-mod_proxy-2.2.6-8.3mdv2008.0.i586.rpm d7fe4d88f25d2a01b0809ab5292b0999 2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.3mdv2008.0.i586.rpm 4c9f48adbd0b1d45a874f06b9275ebe3 2008.0/i586/apache-mod_ssl-2.2.6-8.3mdv2008.0.i586.rpm e5a1d9476316ccc9f183cb1ae5bbcf31 2008.0/i586/apache-modules-2.2.6-8.3mdv2008.0.i586.rpm 44f7810695a40519c68930695829f124 2008.0/i586/apache-mod_userdir-2.2.6-8.3mdv2008.0.i586.rpm d6f666e9954422664d1f029fc147b591 2008.0/i586/apache-mpm-event-2.2.6-8.3mdv2008.0.i586.rpm 75e205ddbc9313b8d02519e57919923a 2008.0/i586/apache-mpm-itk-2.2.6-8.3mdv2008.0.i586.rpm 6d68e8fa7baccc2ad090c703fb33458e 2008.0/i586/apache-mpm-prefork-2.2.6-8.3mdv2008.0.i586.rpm 331f18ce48403472fc7f8af6d5daee8e 2008.0/i586/apache-mpm-worker-2.2.6-8.3mdv2008.0.i586.rpm c75e69bcabc104938cb9033e591d1de8 2008.0/i586/apache-source-2.2.6-8.3mdv2008.0.i586.rpm 23fcdf29e21b0146fb5646baca2fa63b 2008.0/SRPMS/apache-2.2.6-8.3mdv2008.0.src.rpm

    Mandriva Linux 2008.0/X86_64: 3d4afe3f8da8369d80b6c195e132c5c0 2008.0/x86_64/apache-base-2.2.6-8.3mdv2008.0.x86_64.rpm 37034ee7c7eb813de2a00a6945a10248 2008.0/x86_64/apache-devel-2.2.6-8.3mdv2008.0.x86_64.rpm ba296f9aa229a616a2c406d1a16912c3 2008.0/x86_64/apache-htcacheclean-2.2.6-8.3mdv2008.0.x86_64.rpm 77fa75d36e7a4bbe154c846e3271e7a3 2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.3mdv2008.0.x86_64.rpm ca29e2db08b29e319f2392b46ea4c3fe 2008.0/x86_64/apache-mod_cache-2.2.6-8.3mdv2008.0.x86_64.rpm 3fbf5a0276adaa2d887a92482d81313f 2008.0/x86_64/apache-mod_dav-2.2.6-8.3mdv2008.0.x86_64.rpm 9c66e471c2d2d3e43462302d0cc6f1c9 2008.0/x86_64/apache-mod_dbd-2.2.6-8.3mdv2008.0.x86_64.rpm 05020102a26a28b96319b23e3b6e43d6 2008.0/x86_64/apache-mod_deflate-2.2.6-8.3mdv2008.0.x86_64.rpm 7191542417b30ed77334f1b8366628aa 2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.3mdv2008.0.x86_64.rpm f4177dbdcfd2e3dc8e66be731ad731c4 2008.0/x86_64/apache-mod_file_cache-2.2.6-8.3mdv2008.0.x86_64.rpm fea417664f0a2689fa12308bd80c2fe4 2008.0/x86_64/apache-mod_ldap-2.2.6-8.3mdv2008.0.x86_64.rpm 9cf956fa426e6bdf6497337b6e26a2ab 2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.3mdv2008.0.x86_64.rpm 0d9d04ca878bb3f19f4764152da42d82 2008.0/x86_64/apache-mod_proxy-2.2.6-8.3mdv2008.0.x86_64.rpm dbbcd75dd83779f54f98fa3e16b59f13 2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.3mdv2008.0.x86_64.rpm dce8db6742ba28a71e18b86bb38688c8 2008.0/x86_64/apache-mod_ssl-2.2.6-8.3mdv2008.0.x86_64.rpm 2ff69d6e9c2cd3250f6746d4a7d921fd 2008.0/x86_64/apache-modules-2.2.6-8.3mdv2008.0.x86_64.rpm f298827d4dfa631a77907f7f5733fa29 2008.0/x86_64/apache-mod_userdir-2.2.6-8.3mdv2008.0.x86_64.rpm 6f02fb080e308ca0826fdb1ef00a1489 2008.0/x86_64/apache-mpm-event-2.2.6-8.3mdv2008.0.x86_64.rpm b886d30d73c60a515b3ed36d7f186378 2008.0/x86_64/apache-mpm-itk-2.2.6-8.3mdv2008.0.x86_64.rpm 62d7754a5aa7af596cc06cd540d4025f 2008.0/x86_64/apache-mpm-prefork-2.2.6-8.3mdv2008.0.x86_64.rpm d3438e0967978e580be896bd85f1d953 2008.0/x86_64/apache-mpm-worker-2.2.6-8.3mdv2008.0.x86_64.rpm e72af335ec7c3c02b5a494fbd6e99e0e 2008.0/x86_64/apache-source-2.2.6-8.3mdv2008.0.x86_64.rpm 23fcdf29e21b0146fb5646baca2fa63b 2008.0/SRPMS/apache-2.2.6-8.3mdv2008.0.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

    gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

    You can view other update advisories for Mandriva Linux at:

    http://www.mandriva.com/security/advisories

    If you want to report vulnerabilities, please contact

    security_(at)_mandriva.com


    Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)

    iD8DBQFLHQcamqjQ0CJFipgRAsJgAKDf5oc5UbEz3j+qsMn3tL6F8cujygCfY+cu MUj4lK2Wsb+qzbv2V+Ih30U= =VdZS -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


    Debian Security Advisory DSA-1934-1 security@debian.org http://www.debian.org/security/ Stefan Fritsch November 16, 2009 http://www.debian.org/security/faq


    Package : apache2 Vulnerability : multiple issues Problem type : remote Debian-specific: no CVE Id(s) : CVE-2009-3094 CVE-2009-3095 CVE-2009-3555

    A design flaw has been found in the TLS and SSL protocol that allows an attacker to inject arbitrary content at the beginning of a TLS/SSL connection. The attack is related to the way how TLS and SSL handle session renegotiations. CVE-2009-3555 has been assigned to this vulnerability.

    As a partial mitigation against this attack, this apache2 update disables client-initiated renegotiations. This should fix the vulnerability for the majority of Apache configurations in use.

    NOTE: This is not a complete fix for the problem. The attack is still possible in configurations where the server initiates the renegotiation. This is the case for the following configurations (the information in the changelog of the updated packages is slightly inaccurate):

      • The "SSLVerifyClient" directive is used in a Directory or Location context.
      • The "SSLCipherSuite" directive is used in a Directory or Location context.

    As a workaround, you may rearrange your configuration in a way that SSLVerifyClient and SSLCipherSuite are only used on the server or virtual host level.

    A complete fix for the problem will require a protocol change. Further information will be included in a separate announcement about this issue.

    CVE-2009-3095: Insufficient input validation in the mod_proxy_ftp module allowed remote authenticated attackers to bypass intended access restrictions and send arbitrary FTP commands to an FTP server.

    For the stable distribution (lenny), these problems have been fixed in version 2.2.9-10+lenny6. This version also includes some non-security bug fixes that were scheduled for inclusion in the next stable point release (Debian 5.0.4).

    The oldstable distribution (etch), these problems have been fixed in version 2.2.3-4+etch11.

    For the testing distribution (squeeze) and the unstable distribution (sid), these problems will be fixed in version 2.2.14-2.

    This advisory also provides updated apache2-mpm-itk packages which have been recompiled against the new apache2 packages.

    Updated apache2-mpm-itk packages for the armel architecture are not included yet. They will be released as soon as they become available.

    We recommend that you upgrade your apache2 and apache2-mpm-itk packages.

    Upgrade instructions


    wget url will fetch the file for you dpkg -i file.deb will install the referenced file.

    If you are using the apt-get package manager, use the line for sources.list as given below:

    apt-get update will update the internal database apt-get upgrade will install corrected packages

    You may use an automated update by adding the resources from the footer to the proper configuration.

    Debian GNU/Linux 4.0 alias etch (oldstable)


    Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

    Source archives:

    http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11.dsc Size/MD5 checksum: 1071 dff8f31d88ede35bb87f92743d2db202 http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3.orig.tar.gz Size/MD5 checksum: 6342475 f72ffb176e2dc7b322be16508c09f63c http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11.diff.gz Size/MD5 checksum: 124890 c9b197b2a4bade4e92f3c65b88eea614

    Architecture independent packages:

    http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.3-4+etch11_all.deb Size/MD5 checksum: 2247064 357f2daba8360eaf00b0157326c4d258 http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.3-4+etch11_all.deb Size/MD5 checksum: 6668542 043a6a14dc48aae5fa8101715f4ddf81 http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11_all.deb Size/MD5 checksum: 41626 27661a99c55641d534a5ffe4ea828c4b http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.2.3-4+etch11_all.deb Size/MD5 checksum: 275872 8ff0ac120a46e235a9253df6be09e4d5

    alpha architecture (DEC Alpha)

    http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 346016 02b337e48ef627e13d79ad3919bc380d http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 407682 f01d7e23f206baed1e42c60e15fe240f http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 1017408 1c8dccbed0a309ed0b74b83667f1d587 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 449704 b227ff8c9bceaa81488fec48b81f18f6 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 450266 766ba095925ee31c175716084f41b3cf http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 444898 3b1d9a9531c82872d36ce295d6cba581 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_alpha.deb Size/MD5 checksum: 407030 eedabbc4930b3c14012f57ec7956847b http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_alpha.deb Size/MD5 checksum: 184920 2d152290678598aeacd32564c2ec37c2

    amd64 architecture (AMD x86_64 (AMD64))

    http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 409010 15d5dda7eb1e9e8d406cd9ff4b25e60f http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 408330 0bf271280295146f4ded8c02335e8fc1 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 1000068 f92b3deafb9ce263d0d66b753231a003 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 436268 9ef6b02f0ecf9905c14114a464c86f80 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 432320 b734b0c2f1d2177a828cff7d8e34d17c http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 342152 ef061f914027b41b788a31758d7c4e96 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_amd64.deb Size/MD5 checksum: 436766 deb97a3637ae8be3e016e37c038bc470 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_amd64.deb Size/MD5 checksum: 172802 0550f661c804ef0c0ec31e1928f5f97d

    arm architecture (ARM)

    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 421056 b55b215aee8398e6388a73b421229db7 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 408940 8782732ef6487ef268abf2856ec5e2c0 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 408140 f3627e52eaf7a011a5a624ea25fa058b http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 968448 ac1354c562e7969e47561f4cba3a859b http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 346166 a8729d03737330075908c2b8b2f5ce0b http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_arm.deb Size/MD5 checksum: 157634 53c277ca7e52e7e60a523183e87beec3 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 421782 b17f7ce0bfd6fee4877d9bccaf82770e http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_arm.deb Size/MD5 checksum: 417026 03b845039bf49fba64f064acda350f43

    hppa architecture (HP PA RISC)

    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 444058 16fb9ac5807fcf161321ffc8467e963d http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_hppa.deb Size/MD5 checksum: 179532 b1f7b89ac1e830b72e30c9476b813263 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 352116 f34f19a1bf40a37695ac0aeb3f5b6d10 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 443324 e7106e9195fcd9f34ced7bccb009cbb7 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 1078948 29a60062b3f7676f768dda1d4cdb78fd http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 439968 6ff5b95ba06596c04f2fc7dc3adac7ac http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 410880 28ce1d24c4e152624c38330d34781636 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_hppa.deb Size/MD5 checksum: 409994 2ce21d9fc51fbbeb5e05ac7c418d7e11

    i386 architecture (Intel ia32)

    http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 409776 04bafa059e90c14851f290c02fc7a29e http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 963818 f2755fd250837dd878a24ffc8527855d http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 425034 fc0b075a77853494886719b1bf4d7092 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 421206 d2758678dc6dcfb2298a5e69dbd199d0 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 425510 5df035120241567d62ba4154a7ade25f http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_i386.deb Size/MD5 checksum: 161256 614f006996e6309829bf7c80bb95e3ed http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 410518 833b5256083de5f76d83354f63916af2 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_i386.deb Size/MD5 checksum: 343876 435638e472ccb187c7713f96840cf156

    ia64 architecture (Intel ia64)

    http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 407664 9929d570df08ea81c10235d8cfad8cec http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_ia64.deb Size/MD5 checksum: 231808 505ed0109a851680126951f228f4ed40 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 491120 d1ef23e9bbd457b1c30d50234050b112 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 498202 f430c9b4231122f996799b45d68596a3 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 407018 f721b04b90b8b2b5ec76916488395bdd http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 360664 08763e41786b3c5b28cf3e27d234419d http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 497388 6ef80d442fbf5046e78b9b2a0637adb9 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_ia64.deb Size/MD5 checksum: 1204566 d1cc5f38e5683c539db6673611585b67

    mips architecture (MIPS (Big Endian))

    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 430112 01c3cf5fc888bff3967c95736b3caf40 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 407674 688656128f0f46e8b35da61d731e244f http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 434122 791a223b58a6a3a00fdd5517decc6ff2 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 951736 68a93c433a24dd42b461907c2b61c6d2 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 407022 10cf7a6fa3ad60183a80b7fddc08ed98 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 350066 ab3498abf9ddc41f0665be9c2912beab http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mips.deb Size/MD5 checksum: 434784 2d07f9376a7c7eb6229e0c5238e604fc http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mips.deb Size/MD5 checksum: 169932 db0ecd6b89594ecbff3bacd9d184f808

    mipsel architecture (MIPS (Little Endian))

    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 428958 3c7b9e69ccbeb0db17d437ece3717b65 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 407040 61a67a76dd0acfaeb747d5ee745cb3fa http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 433736 74adf126949edfd4b1af734b3a8255f8 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 951730 3c9d5a12163e7d1c939d26829a4454f1 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 407694 0297490b8b4aff5e1a4527a9c897fbee http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 350302 843a3c227ba43dc4b882c96cad62a6eb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mipsel.deb Size/MD5 checksum: 434220 b18b6688a18a11d7bfa20d486c13ae64 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mipsel.deb Size/MD5 checksum: 168814 6eedc4fb9e8027cf6d11c427a1cc4f8c

    powerpc architecture (PowerPC)

    http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 1061292 0a43b7054755c361229d5e14db9c3156 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 432806 ebe9b3113da3361dabf67acd291f9d93 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_powerpc.deb Size/MD5 checksum: 168374 ab7eb4de4a4c224a94698ebb67f627ea http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 433416 0c53941e7e8765780e4e4a71f81a592b http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 354920 0682a419e0d59ff5a2af1f322991b157 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 410150 69ddc8b0b8ec235e65eabde0adbc1db7 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 428826 f556fd9726b4c66bbe6fdc05b84d9918 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_powerpc.deb Size/MD5 checksum: 409396 d4b779470977873916bff7353829f172

    s390 architecture (IBM S/390)

    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 437364 0d844765789f2fcc4cf0c24e755b4c3d http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 994710 63d476187cc9eed384ff792ce8b6f471 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 443278 114375b6439d8a9cf344dd4829c7b6d2 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 407682 e0db3031b4bb381a0f3178569d4c514a http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 442268 219d9f7f67d2a53a3c3e700c68a6d682 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 348624 ac97c9840e0cb11a1cf1e44fd1875015 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_s390.deb Size/MD5 checksum: 407026 6233c65e8860b416d7a6265ae2c2eda4 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_s390.deb Size/MD5 checksum: 177986 634687237fd58d539bc9492415a94b77

    sparc architecture (Sun SPARC/UltraSPARC)

    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 418896 96bdf44ad9d8c1d86ee3aaf383c9dcce http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 412078 c9aab17ccba1846ea02df78f636a28a6 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 342696 7dd353d553f6a495c506b22f60ff2a0d http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_sparc.deb Size/MD5 checksum: 158054 60de9a240c905bdb6ffa0ab6c032096d http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 422966 edb7194c73d08c0bdb1eed6bd19ceb53 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 422444 ad0a85ada33d687e1fc67b0fa3c40244 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 960150 0dae013a3e07502409918ff649cb1375 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_sparc.deb Size/MD5 checksum: 411290 88e769a08329b6728c6fd0770d241874

    Debian GNU/Linux 5.0 alias lenny (stable)


    Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

    Source archives:

    http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9.orig.tar.gz Size/MD5 checksum: 6396996 80d3754fc278338033296f0d41ef2c04 http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.dsc Size/MD5 checksum: 1673 f6846ac2d9cbd7887629a9c503154310 http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.diff.gz Size/MD5 checksum: 145719 fd456ef168b7f1ca1055ffbca1df53db

    Architecture independent packages:

    http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.9-10+lenny6_all.deb Size/MD5 checksum: 2060318 c2499fa1040a9ace89c1a969de4db870 http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.9-10+lenny6_all.deb Size/MD5 checksum: 6736558 e09131a305cf2e51d3c14ed7c1beaf5d http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6_all.deb Size/MD5 checksum: 45238 922ce7e9d14885bab9c9cbbfab99fbd3

    alpha architecture (DEC Alpha)

    http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 209720 29861b61a3ae0912a7eb1ba2096b0421 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 84444 af60f321516a06fc9588433ba2c1a88e http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 256598 730d50c0f57ba7aad84e6897217bf42d http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 2402082 b932e642a152e30f948437d7313d2dcf http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 82728 bb04bbeae7865acad1ae89e943702623 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_alpha.deb Size/MD5 checksum: 198236 61b2f1529a056145d9ea8a87c5c5e8c0 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 208690 f6d15e0b6fa15a3738e9130b4044ce37 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 849014 dddd323a55b010c29a8626194b71a7a1 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 147844 40f11b60e0f5154680f16c1c67943101 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 261662 7b88269d9ce2877809a0f47daa4e756d http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_alpha.deb Size/MD5 checksum: 262336 eced46181f89a7f8ee636c0dce4789f7

    amd64 architecture (AMD x86_64 (AMD64))

    http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 210246 bb629f54f383bfcce66a6bf0bc1a2b6d http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 825462 051201fb8baa9a7a961961dd5082929a http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 257694 3b8c5bff06a870ccd062ce53771a43a4 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 211268 5e07756440fecd3a3ee3815a6cff3ff5 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 258424 92c5467fbef1d4da6803507b679df099 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 82532 40718aa8ebb6532404fad4b5ee2a1e09 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 84140 743b1e0fd988539a7346bddbcd573767 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 253708 bcc5c9f767c1e62913af45827f04b83f http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_amd64.deb Size/MD5 checksum: 195214 42f4650b895a51b853c253bbbd1e2cc0 http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 2455308 9b8792a5defa5193d825d31dc47b43f2 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_amd64.deb Size/MD5 checksum: 144980 240232c2f4932579c60ecee786c0af26

    arm architecture (ARM)

    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 224760 9615e8207a01d2759de57b58cd885286 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 83230 c840cb7342a3a83e0587fd3baacce760 http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 2327178 39819fd5f56728620aaefdbe10887c2b http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 147202 f7ebf064272389cf2dd7db7bfe3ff267 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_arm.deb Size/MD5 checksum: 161596 b7a2763998f12394ecae68df6ec73fbb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 223898 fbd3f6bc3340643f55862e5b14947345 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 786918 a142a6fbee216aaa87378bdc53773eb2 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 209812 2e4b61b494abdd8e52b219456a82e499 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 219946 4ac3564788d25b492a833e2df463b41e http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 81412 abe1efff8619aac89534c3f4d57c5356 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_arm.deb Size/MD5 checksum: 211008 865b518f1a18de1020feb2212b137a6c

    armel architecture (ARM EABI)

    http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 212612 2b8654bdda7346a2a7804800e9a11d8e http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 802766 535b466511548a5264b0da3a3a348381 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 226068 8921ab3294cf45178f3b90fd51fbafc3 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 213694 38498cbd15341da4279e4193a4708c6c http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 226354 57f22f55c3ca485b5974e1f2a4ef1414 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 83934 6a6a2de840f638874d8ae05611f142b9 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 82284 b225eb7806650013baccae619ad08f2b http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 2340926 83bb45aa97542f6f796780c8a2d24c8b http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 221894 872e3f1df2080a84cca36f48e6c8e575 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_armel.deb Size/MD5 checksum: 151226 3172e8ba667991da2881ea6a7b2781cc

    hppa architecture (HP PA RISC)

    http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 84022 f603a1c369bbc7d05efe1ad99325e020 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 153048 0568fcb47c9cad398c7fd7abe2276828 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 82214 f27d31e710ba6640471c47a6fc240aad http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 246406 f18257777ba62d65ceb3aa4842415c74 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 241578 e71e710d7889e79b85e4c20b539a4d26 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 211730 a9913999aac5559db1e75835d87a2efd http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 896810 e8e2d9459750e5d9be76c00923a25696 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 245816 6a876fb502903c7bfcb5a4b8dad71a7a http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 213028 f072f0ca44edc122c1b3e1da847f1c8c http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_hppa.deb Size/MD5 checksum: 183316 41a32b0fd061c4f2afbd740af5e8325a http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_hppa.deb Size/MD5 checksum: 2385020 366e6e9bd1dec0ba6a784813785f13d3

    i386 architecture (Intel ia32)

    http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 82366 ab10d1ab26c914777c5296fe9ccfe027 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 241326 2ee9101bf92fcac69249094b3ca11e2a http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 240776 43a654cf0439fc97997a57baec5e2995 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 84104 f73a1bff0a8a4426e63803c4e5c67c60 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 783440 053ba7ef4fbb56547200c32c35ac8a0e http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 143414 c20c10a3eadac1c494a5750888875800 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 237396 06841f14531fab0adb92177af849c8be http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 211420 69c67bd0052c70322924b901ba5f5428 http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 2324892 87c51cc1fb8ae2532adcfa601a7b5af4 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_i386.deb Size/MD5 checksum: 212726 11b86a68880fa98a130e449dec0fbbcc http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_i386.deb Size/MD5 checksum: 179396 4ae5716372fe19991b0d8a4cc751d45f

    ia64 architecture (Intel ia64)

    http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 162732 0a9a153e3703f9dbd33e325d67373bce http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_ia64.deb Size/MD5 checksum: 247068 39445ee73d2076bfa589a5840a3d6024 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 1036624 80b366704dc888c2bea8d84c316faf33 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 208668 c2b06d3c767fa737fbf5e1c3d50d001c http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 311692 77ff8879c2853c4b33903299ec3120c8 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 312616 1c20b667ebbd43b0ee1b01cd1cdd991d http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 83920 a383c7aef1758f963c019793af7b5f92 http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 2317952 803f0b941814cbbc49f4e37bc3b9ca95 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 209700 59ab45d2c7c2168a941ff2fc842268e1 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 304670 067ece69f8b9518f9b18cd948c4df971 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_ia64.deb Size/MD5 checksum: 85802 9294d252435e8026d6135bf8efdfaf46

    mips architecture (MIPS (Big Endian))

    http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 2465158 a36366e07810785cd1f2dc3b020d3486 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 780460 a5daeb91029f3b027a810ee22456ebd3 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 233408 ec9001ee4c996d0b14a9e67d9ce380ec http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 82082 1fc55f0526e3bf90c2156364055a1627 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mips.deb Size/MD5 checksum: 171444 789208a77578e49ebca9be904c99aff3 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 83688 8612d0c31dee19c557723b08354c20d7 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 149712 ac8ddf3ab4a3b0fb255adbc588e57305 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 209718 8af3815f7794f4e60d72ba52d3bd19c4 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 229494 c2ef345862009f2a2b979205fec22567 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 208698 246c0001aaa98be577f6c5f004330285 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mips.deb Size/MD5 checksum: 233980 ce7b3760443a98b0ddc0607a7a9842bf

    mipsel architecture (MIPS (Little Endian))

    http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 228110 e45b1c3294102e26eee671b860f4aabc http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 208710 1403636fff03ab43353cdffdef62ffd7 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 83708 9b1c257025920f6dd0a7a2b231c97141 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 209740 546504d6f0a2a449e9bcd618f4700ce5 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 82128 31209b35ecb423f2d88347df6c08eddb http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 2420074 b57ff2a01ee7f29d0dcba4214dc7fc21 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 232140 3dfff4c54077cb221e19533f19538834 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 778974 d9d0084ea48aaa56d2f99c632711d084 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mipsel.deb Size/MD5 checksum: 169470 f04a239ba4f1d6ae4ff8ce0960f784fd http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 232796 8ced513dc28d7165fd76076803b98188 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mipsel.deb Size/MD5 checksum: 150024 c2a66c2c63eeb66df98b136cceadc780

    powerpc architecture (PowerPC)

    http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 84570 b43f074242385089dda2aae2e9ae1595 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 915976 723f3349b829894595b913099f06ecc2 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 257408 c4bab781417526a0dfdb2240ab2fef07 http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 2495210 6fb817120bcb095006fd09d2318f28ee http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_powerpc.deb Size/MD5 checksum: 195192 6b4d950e48c6cdfd00d403e42b719b40 http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 208684 ece82cc979cff6832d51a6caf51f38b5 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 82908 c54a24103b503b5de1b27993ee33610f http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 160960 361e2bae65d5f1303073d8e4d88ccdb7 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 209714 81fbc6671b2d4137dc52232e9d572ea9 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 258234 6dbd57dc907e93b5e9dcd3058e99b30f http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_powerpc.deb Size/MD5 checksum: 253294 696e2e9219d6e029c0c6f024045a4d5f

    s390 architecture (IBM S/390)

    http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 82544 4e332ccedffd13b1e7b866fe71cf8a9b http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_s390.deb Size/MD5 checksum: 197642 e32a924a47b90452356956e3fe39d34e http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 255970 197eea5c422ecf37ec592bf9612c3b2f http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 208694 33dddaec24eb4475411eb55abb5d5e71 http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 150912 2aa00b2fb3b84a536030f5b5635115bc http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 209726 cf54089c8a33087820f8c9359e461625 http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 2409108 1b6e40f5d2772a0a1f26424f4b470136 http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 824586 ff52926d953f8b5cbde82ac31176dedb http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 259924 655aca8f56383ebd106ded50d8f557ea http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 260610 12751082d3f1466735d1b3d395d63690 http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_s390.deb Size/MD5 checksum: 84310 9aa451ccb1513c05f4ccc0319124181e

    sparc architecture (Sun SPARC/UltraSPARC)

    http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 2231018 fcdbb08c45ff474592590fac0aa78dac http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 84568 6dcf4195e216a22ef2919806d55d5098 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 237224 9bf96cc5f932643b1c55c6a9fa238af1 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 241474 ed8557af547d9d55a075fca5cf88488d http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 82888 bde0baf83e2e972b398be6a500f77125 http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_sparc.deb Size/MD5 checksum: 177562 09cbb49296407c83ef1575b003dfb129 http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 241014 2c10b920cdfec918af3eb148e29fca0f http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 212798 28edff7612bb824fc20d88c29b8b7e1f http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 781748 63e7003956d73b1a04e544c00eaa7728 http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 213976 b7e758d0a2e6574944d27e2d6e40f60c http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_sparc.deb Size/MD5 checksum: 146596 c37cea33bed94a68326b511a66bf050e

    These files will probably be moved into the stable distribution on its next update. Patch kit installation instructions are provided in the file SSRT090244 Apache CVE-2009-3094, CVE-2009-3095.txt . The patch kits and installation instructions are available from the following location using ftp:

    Host            Account   Password
    ftp.usa.hp.com  ewt01     Welcome1
    

    CSWS version 2.1-1 patch kits are available for both ALPHA and ITANIUM platforms.

    Itanium Images mod_proxy.exe_ia64 mod_proxy_ftp.exe_ia64

    Alpha Images mod_proxy.exe_axp mod_proxy_ftp.exe_axp

    The patch images will be provided in the next regularly scheduled update of CSWS 2.1-1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    SUPPORT COMMUNICATION - SECURITY BULLETIN

    Document ID: c02160663 Version: 1

    HPSBUX02531 SSRT100108 rev.1 - HP-UX Running Apache-based Web Server, Remote Denial of Service (DoS), Unauthorized Access

    NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

    Release Date: 2010-06-02 Last Updated: 2010-06-02


    Potential Security Impact: Remote Denial of Service (DoS), unauthorized access

    Source: Hewlett-Packard Company, HP Software Security Response Team

    VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS) or unauthorized access. Apache-based Web Server is contained in the Apache Web Server Suite.

    References: CVE-2009-3094, CVE-2009-3095, CVE-2010-0408, CVE-2010-0740, CVE-2010-0433, CVE-2010-0434

    SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.23, B.11.31 running Apache-based Web Server versions before v2.2.8.09 HP-UX B.11.11, B.11.23, B.11.31 running Apache-based Web Server versions before v2.0.59.15

    BACKGROUND

    CVSS 2.0 Base Metrics

    Reference Base Vector Base Score CVE-2009-3094 (AV:N/AC:H/Au:N/C:N/I:N/A:C) 5.4 CVE-2009-3095 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2010-0408 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-0740 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-0433 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2010-0434 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002

    Note: CVE-2009-3094, CVE-2009-3095 and 2010-0740 affect only HP-UX Web Server Suite v2.30; CVE-2010-0408, CVE-2010-0433 and CVE-2010-0434 affect only HP-UX Web Server Suite v3.09.

    RESOLUTION

    HP has provided the following upgrades to resolve these vulnerabilities. The upgrades are available from the following location:

    URL http://software.hp.com

    Note: HP-UX Web Server Suite v3.09 contains HP-UX Apache-based Web Server v2.2.8.09 Note: HP-UX Web Server Suite v2.30 contains HP-UX Apache-based Web Server v2.0.59.15

    Web Server Suite Version / HP-UX Release / Depot name

    Web Server v3.09 / B.11.23 and B.11.31 PA-32 / HPUXWS22ATW-B309-32.depot

    Web Server v3.09 / B.11.23 and B.11.31 IA-64 / HPUXWS22ATW-B309-64.depot

    Web Server v2.30 / B.11.11 PA-32 / HPUXWSATW-B230-1111.depot

    Web Server v2.30 / B.11.23 PA-32 / HPUXWSATW-B230-32.depot

    Web Server v2.30 / B.11.23 IA-64 / HPUXWSATW-B230-64.depot

    Web Server v2.30 / B.11.31 IA-32 / HPUXWSATW-B230-32-1131.depot

    Web Server v2.30 / B.11.31 IA-64 / HPUXWSATW-B230-64-1131.depot

    MANUAL ACTIONS: Yes - Update

    Install Apache-based Web Server from the Apache Web Server Suite v2.30 or subsequent or Install Apache-based Web Server from the Apache Web Server Suite v3.09 or subsequent

    PRODUCT SPECIFIC INFORMATION

    HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa

    The following text is for use by the HP-UX Software Assistant.

    AFFECTED VERSIONS

    For Web Server Suite before v3.09 HP-UX B.11.23 ================== hpuxws22APACHE.APACHE hpuxws22APACHE.APACHE2 hpuxws22APACHE.AUTH_LDAP hpuxws22APACHE.AUTH_LDAP2 hpuxws22APACHE.MOD_JK hpuxws22APACHE.MOD_JK2 hpuxws22APACHE.MOD_PERL hpuxws22APACHE.MOD_PERL2 hpuxws22APACHE.PHP hpuxws22APACHE.PHP2 action: install revision B.2.2.8.09 or subsequent

    HP-UX B.11.31

    hpuxws22APCH32.APACHE hpuxws22APCH32.APACHE2 hpuxws22APCH32.AUTH_LDAP hpuxws22APCH32.AUTH_LDAP2 hpuxws22APCH32.MOD_JK hpuxws22APCH32.MOD_JK2 hpuxws22APCH32.MOD_PERL hpuxws22APCH32.MOD_PERL2 hpuxws22APCH32.PHP hpuxws22APCH32.PHP2 hpuxws22APCH32.WEBPROXY hpuxws22APCH32.WEBPROXY2 action: install revision B.2.2.8.09 or subsequent

    For Web Server Suite before v2.30 HP-UX B.11.11 ================== hpuxwsAPACHE.APACHE hpuxwsAPACHE.APACHE2 hpuxwsAPACHE.AUTH_LDAP hpuxwsAPACHE.AUTH_LDAP2 hpuxwsAPACHE.MOD_JK hpuxwsAPACHE.MOD_JK2 hpuxwsAPACHE.MOD_PERL hpuxwsAPACHE.MOD_PERL2 hpuxwsAPACHE.PHP hpuxwsAPACHE.PHP2 hpuxwsAPACHE.WEBPROXY action: install revision B.2.0.59.15 or subsequent

    HP-UX B.11.23

    hpuxwsAPCH32.APACHE hpuxwsAPCH32.APACHE2 hpuxwsAPCH32.AUTH_LDAP hpuxwsAPCH32.AUTH_LDAP2 hpuxwsAPCH32.MOD_JK hpuxwsAPCH32.MOD_JK2 hpuxwsAPCH32.MOD_PERL hpuxwsAPCH32.MOD_PERL2 hpuxwsAPCH32.PHP hpuxwsAPCH32.PHP2 hpuxwsAPCH32.WEBPROXY action: install revision B.2.0.59.15 or subsequent

    HP-UX B.11.31

    hpuxwsAPACHE.APACHE hpuxwsAPACHE.APACHE2 hpuxwsAPACHE.AUTH_LDAP hpuxwsAPACHE.AUTH_LDAP2 hpuxwsAPACHE.MOD_JK hpuxwsAPACHE.MOD_JK2 hpuxwsAPACHE.MOD_PERL hpuxwsAPACHE.MOD_PERL2 hpuxwsAPACHE.PHP hpuxwsAPACHE.PHP2 hpuxwsAPACHE.WEBPROXY action: install revision B.2.0.59.15 or subsequent

    END AFFECTED VERSIONS

    HISTORY Version:1 (rev.1) 2 June 2010 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

    Support: For further information, contact normal HP Services support channel.

    Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save.

    To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.

    To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do

    • The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:

    GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault

    System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

    "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."

    Copyright 2009 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux)

    iEYEARECAAYFAkwG2+IACgkQ4B86/C0qfVm3LACfZ2twc1MNibwpLscDC7giyJJv nksAnR0xfycsdI9Z5RyDC/o+Dnt4Q100 =/Gfl -----END PGP SIGNATURE----- .

    BAC v8.07 supplies Apache 2.2.17. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "http server",
            "scope": "lt",
            "trust": 1.8,
            "vendor": "apache",
            "version": "2.0.64"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "lt",
            "trust": 1.8,
            "vendor": "apache",
            "version": "2.2.14"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "ibm",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "ibm",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "apache",
            "version": "2.0.35"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "apache",
            "version": "2.2.0"
          },
          {
            "_id": null,
            "model": "fedora",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fedoraproject",
            "version": "10"
          },
          {
            "_id": null,
            "model": "fedora",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fedoraproject",
            "version": "12"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "ibm",
            "version": "2.0.47.x"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "ibm",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "ibm",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "ibm",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": null,
            "trust": 0.8,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "10"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3 (x86)"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3 (x86-64)"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3.0 (x86-64)"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "4.0 (x86-64)"
          },
          {
            "_id": null,
            "model": "turbolinux appliance server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "turbolinux appliance server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "turbolinux appliance server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "3.0 (x64)"
          },
          {
            "_id": null,
            "model": "turbolinux client",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "2008"
          },
          {
            "_id": null,
            "model": "turbolinux fuji",
            "scope": null,
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": null
          },
          {
            "_id": null,
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "10"
          },
          {
            "_id": null,
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "10 (x64)"
          },
          {
            "_id": null,
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "11"
          },
          {
            "_id": null,
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "11 (x64)"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.11"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.23"
          },
          {
            "_id": null,
            "model": "hp-ux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "11.31"
          },
          {
            "_id": null,
            "model": "hp-ux apache-based web server",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "v.2.2.15.03"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (as)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (es)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (ws)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (as)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (es)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (ws)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4.8 (as)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4.8 (es)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (server)"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5.0 (client)"
          },
          {
            "_id": null,
            "model": "enterprise linux eus",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5.4.z (server)"
          },
          {
            "_id": null,
            "model": "rhel desktop workstation",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (client)"
          },
          {
            "_id": null,
            "model": "interstage application server",
            "scope": null,
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": null
          },
          {
            "_id": null,
            "model": "interstage studio",
            "scope": null,
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": null
          },
          {
            "_id": null,
            "model": "interstage web server",
            "scope": null,
            "trust": 0.8,
            "vendor": "fujitsu",
            "version": null
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apache",
            "version": "2.2.13"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apache",
            "version": "2.0.63"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.10"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.10"
          },
          {
            "_id": null,
            "model": "linux lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.10"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.10"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.10"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "linux lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "linux lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "linux lts lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "11x64"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "11"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0.0x64"
          },
          {
            "_id": null,
            "model": "fuji",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "_id": null,
            "model": "fuji",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "0"
          },
          {
            "_id": null,
            "model": "client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "2008"
          },
          {
            "_id": null,
            "model": "appliance server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "3.0x64"
          },
          {
            "_id": null,
            "model": "appliance server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "appliance server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "9"
          },
          {
            "_id": null,
            "model": "linux enterprise server debuginfo",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "linux enterprise server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux enterprise server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux enterprise sdk sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux enterprise sdk sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "linux enterprise sp3 debuginfo",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux enterprise sp2 debuginfo",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10.3"
          },
          {
            "_id": null,
            "model": "solaris 10 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "solaris 10 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 99",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 98",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 96",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 95",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 94",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 93",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 92",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 91",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 90",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 89",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 88",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 87",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 85",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 84",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 83",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 82",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 81",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 80",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 78",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 77",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 76",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 74",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 71",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 68",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 67",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 64",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 61",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 59",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 58",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 57",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 56",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 54",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 51",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 50",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 49",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 48",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 47",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 45",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 41",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 39",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 38",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 37",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 36",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 35",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 29",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 28",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 22",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 19",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 13",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 111a",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 111",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 110",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 109",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 108",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 107",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 106",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 105",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 104",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 103",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 102",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 101a",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 101",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 100",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 02",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 01",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 111b",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux x86 64 -current",
            "scope": null,
            "trust": 0.3,
            "vendor": "slackware",
            "version": null
          },
          {
            "_id": null,
            "model": "linux x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "12.2"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "12.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "12.0"
          },
          {
            "_id": null,
            "model": "linux -current",
            "scope": null,
            "trust": 0.3,
            "vendor": "slackware",
            "version": null
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "open-enterprise-server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "0"
          },
          {
            "_id": null,
            "model": "novell linux pos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9"
          },
          {
            "_id": null,
            "model": "novell linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "2"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "1"
          },
          {
            "_id": null,
            "model": "appliance platform linux service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "2"
          },
          {
            "_id": null,
            "model": "appliance platform linux service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "1"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop workstation client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop version",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "certificate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7.3"
          },
          {
            "_id": null,
            "model": "application stack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "v20"
          },
          {
            "_id": null,
            "model": "hat jboss enterprise web server for rhel server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "51.0"
          },
          {
            "_id": null,
            "model": "hat jboss enterprise web server for rhel es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "41.0"
          },
          {
            "_id": null,
            "model": "hat jboss enterprise web server for rhel as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "41.0"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "hat enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "4"
          },
          {
            "_id": null,
            "model": "hat enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "3"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pardus",
            "version": "20090"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.1"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.1"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.0"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.0"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.1"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.1"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.0"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.0"
          },
          {
            "_id": null,
            "model": "multi network firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "enterprise server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "5"
          },
          {
            "_id": null,
            "model": "enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "5"
          },
          {
            "_id": null,
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.03"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.8"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.7"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.5"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.1"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.25"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.19"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.17"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.15"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0.2.35"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0.2.33"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0.2.27"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0.2.13"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0.2"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.47.1"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0.47"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.0.5"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.13"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0.1"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.1.0"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0.2.23"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0.2.19"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0.2.12"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.31",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "hp-ux b.11.23",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "hp-ux b.11.11",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "compaq secure web server for openvms",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "business availability center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "8.06"
          },
          {
            "_id": null,
            "model": "business availability center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "8.05"
          },
          {
            "_id": null,
            "model": "business availability center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "8.01"
          },
          {
            "_id": null,
            "model": "business availability center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.55"
          },
          {
            "_id": null,
            "model": "business availability center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6"
          },
          {
            "_id": null,
            "model": "business availability center",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "0"
          },
          {
            "_id": null,
            "model": "interstage studio standard-j edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "interstage studio standard-j edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "interstage studio standard-j edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "interstage studio standard-j edition b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "9.1.0"
          },
          {
            "_id": null,
            "model": "interstage studio enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "interstage studio enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "interstage studio enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "interstage studio enterprise edition b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "9.1.0"
          },
          {
            "_id": null,
            "model": "interstage application server standard-j edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "interstage application server standard-j edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "interstage application server standard-j edition b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "interstage application server standard-j edition a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "interstage application server standard-j edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "interstage application server standard-j edition 9.1.0b",
            "scope": null,
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": null
          },
          {
            "_id": null,
            "model": "interstage application server enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "interstage application server enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "interstage application server enterprise edition a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "interstage application server enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "interstage application server enterprise edition 9.1.0b",
            "scope": null,
            "trust": 0.3,
            "vendor": "fujitsu",
            "version": null
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux armel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux armel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "coat systems director",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "5.2.2.5"
          },
          {
            "_id": null,
            "model": "coat systems director",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "4.2.2.4"
          },
          {
            "_id": null,
            "model": "coat systems director",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "5.5"
          },
          {
            "_id": null,
            "model": "coat systems director",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "5.4"
          },
          {
            "_id": null,
            "model": "coat systems director",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "0"
          },
          {
            "_id": null,
            "model": "voice portal sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "voice portal sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "aura communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.6"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.5"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.4"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1.3"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "software foundation mod proxy ftp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "0"
          },
          {
            "_id": null,
            "model": "software foundation apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.2.13"
          },
          {
            "_id": null,
            "model": "software foundation apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.2.12"
          },
          {
            "_id": null,
            "model": "software foundation apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.2.11"
          },
          {
            "_id": null,
            "model": "software foundation apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.2.10"
          },
          {
            "_id": null,
            "model": "software foundation apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.2.9"
          },
          {
            "_id": null,
            "model": "software foundation apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.2.8"
          },
          {
            "_id": null,
            "model": "software foundation apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.2.6"
          },
          {
            "_id": null,
            "model": "software foundation apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.2.5"
          },
          {
            "_id": null,
            "model": "software foundation apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.2.2"
          },
          {
            "_id": null,
            "model": "software foundation apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "software foundation apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.0.63"
          },
          {
            "_id": null,
            "model": "software foundation apache 2.2.7-dev",
            "scope": null,
            "trust": 0.3,
            "vendor": "apache",
            "version": null
          },
          {
            "_id": null,
            "model": "software foundation apache 2.2.6-dev",
            "scope": null,
            "trust": 0.3,
            "vendor": "apache",
            "version": null
          },
          {
            "_id": null,
            "model": "software foundation apache 2.2.5-dev",
            "scope": null,
            "trust": 0.3,
            "vendor": "apache",
            "version": null
          },
          {
            "_id": null,
            "model": "software foundation apache",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.2.1"
          },
          {
            "_id": null,
            "model": "websphere application server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "7.0.9"
          },
          {
            "_id": null,
            "model": "business availability center",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "8.07"
          },
          {
            "_id": null,
            "model": "coat systems director",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "blue",
            "version": "5.5.2.3"
          },
          {
            "_id": null,
            "model": "software foundation apache",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apache",
            "version": "2.2.14"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "36260"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200909-107"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002187"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3094"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:apache:http_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:ibm:http_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:ibm:websphere_application_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:oracle:opensolaris",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:oracle:solaris",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_client",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:hp:hp-ux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:hp:apache-based_web_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_eus",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:fujitsu:interstage_application_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:fujitsu:interstage_studio",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:fujitsu:interstage_web_server",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002187"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Evgeny Legerov",
        "sources": [
          {
            "db": "BID",
            "id": "36260"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200909-107"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2009-3094",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "HIGH",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 2.6,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 4.9,
                "id": "CVE-2009-3094",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 1.1,
                "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "High",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 5.4,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2009-3094",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2009-3094",
                "trust": 1.0,
                "value": "LOW"
              },
              {
                "author": "NVD",
                "id": "CVE-2009-3094",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200909-107",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "VULMON",
                "id": "CVE-2009-3094",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2009-3094"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200909-107"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002187"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3094"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command. The Apache \u0027mod_proxy_ftp\u0027 module is prone to a denial-of-service vulnerability because of a NULL-pointer dereference. \nSuccessful exploits may allow remote attackers to cause denial-of-service conditions. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed. ===========================================================\nUbuntu Security Notice USN-860-1          November 19, 2009\napache2 vulnerabilities\nCVE-2009-3094, CVE-2009-3095, CVE-2009-3555\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 8.10\nUbuntu 9.04\nUbuntu 9.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n  apache2-common                  2.0.55-4ubuntu2.9\n\nUbuntu 8.04 LTS:\n  apache2.2-common                2.2.8-1ubuntu0.14\n\nUbuntu 8.10:\n  apache2.2-common                2.2.9-7ubuntu3.5\n\nUbuntu 9.04:\n  apache2.2-common                2.2.11-2ubuntu2.5\n\nUbuntu 9.10:\n  apache2.2-common                2.2.12-1ubuntu2.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nMarsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3\nprotocols. If an attacker could perform a man in the middle attack at the\nstart of a TLS connection, the attacker could inject arbitrary content at\nthe beginning of the user\u0027s session. The flaw is with TLS renegotiation and\npotentially affects any software that supports this feature. Attacks\nagainst the HTTPS protocol are known, with the severity of the issue\ndepending on the safeguards used in the web application. Until the TLS\nprotocol and underlying libraries are adjusted to defend against this\nvulnerability, a partial, temporary workaround has been applied to Apache\nthat disables client initiated TLS renegotiation. This update does not\nprotect against server initiated TLS renegotiation when using\nSSLVerifyClient and SSLCipherSuite on a per Directory or Location basis. (CVE-2009-3555)\n\nIt was discovered that mod_proxy_ftp in Apache did not properly sanitize\nits input when processing replies to EPASV and PASV commands. \n(CVE-2009-3094)\n\nAnother flaw was discovered in mod_proxy_ftp. \n(CVE-2009-3095)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.diff.gz\n      Size/MD5:   130638 5d172b0ca228238e211940fad6b0935d\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.dsc\n      Size/MD5:     1156 a6d575c4c0ef0ef9c4c77e7f6ddfb02d\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz\n      Size/MD5:  6092031 45e32c9432a8e3cf4227f5af91b03622\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.9_all.deb\n      Size/MD5:  2125884 643115e9135b9bf626f3a65cfc5f2ed3\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_amd64.deb\n      Size/MD5:   834492 818915da9848657833480b1ead6b4a12\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_amd64.deb\n      Size/MD5:   229578 9086ac3033e0425ecd150b31b377ee76\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_amd64.deb\n      Size/MD5:   224594 85a4480344a072868758c466f6a98747\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_amd64.deb\n      Size/MD5:   229128 446b52088b9744fb776e53155403a474\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_amd64.deb\n      Size/MD5:   172850 17e4cd95ecb9d0390274fca9625c2e5e\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_amd64.deb\n      Size/MD5:   173636 b501407d01fa07e5807c28cd1db16cd7\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_amd64.deb\n      Size/MD5:    95454 a06ee30ec14b35003ebcb821624bc2af\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_amd64.deb\n      Size/MD5:    37510 4c063b1b8d831ea8a02d5ec691995dec\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_amd64.deb\n      Size/MD5:   287048 9cdc7502ebc526d4bc7df9b59a9d8925\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_amd64.deb\n      Size/MD5:   145624 4b613a57da2ca57678e8c8f0c1628556\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_i386.deb\n      Size/MD5:   787870 67b1855dc984e5296ac9580e2a2f0a0c\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_i386.deb\n      Size/MD5:   204122 edf40b0ff5c1824b2d6232da247ce480\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_i386.deb\n      Size/MD5:   200060 6267a56fcef78f6300372810ce36ea41\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_i386.deb\n      Size/MD5:   203580 c487929bbf45b5a4dc3d035d86f7b3a0\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_i386.deb\n      Size/MD5:   172876 bae257127c3d137e407a7db744f3d57a\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_i386.deb\n      Size/MD5:   173660 9dd0e108ab4d3382799b29d901bf4502\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_i386.deb\n      Size/MD5:    93410 d5d602c75a28873f1cd7523857e0dd80\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_i386.deb\n      Size/MD5:    37508 22049e1ea8ea88259ff3f6e94482cfb3\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_i386.deb\n      Size/MD5:   263066 43fa2ae3b43c4743c98c45ac22fb0250\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_i386.deb\n      Size/MD5:   133484 e70b7f81859cb92e0c50084e92216526\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_powerpc.deb\n      Size/MD5:   860622 6d386da8da90d363414846dbc7fa7f08\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_powerpc.deb\n      Size/MD5:   221470 8c207b379f7ba646c94759d3e9079dd4\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_powerpc.deb\n      Size/MD5:   217132 069cab77278b101c3c4a5b172f36ba9b\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_powerpc.deb\n      Size/MD5:   220968 2f6ba65769fc964eb6dfec8a842f7621\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_powerpc.deb\n      Size/MD5:   172874 89137c84b5a33f526daf3f8b4c047a7e\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_powerpc.deb\n      Size/MD5:   173662 23e576721faccb4aef732cf98e2358d4\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_powerpc.deb\n      Size/MD5:   105198 44f9e698567784555db7d7d971b9fce2\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_powerpc.deb\n      Size/MD5:    37518 fe7caa2a3cf6d4227ac34692de30635e\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_powerpc.deb\n      Size/MD5:   282644 ec0306c04778cf8c8edd622aabb0363c\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_powerpc.deb\n      Size/MD5:   142730 d43356422176ca29440f3e0572678093\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_sparc.deb\n      Size/MD5:   805078 0f1f6a9b04ad5ce4ea29fd0e44bf18a4\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_sparc.deb\n      Size/MD5:   211674 eb19532b9b759c806e9a95a4ffbfad9b\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_sparc.deb\n      Size/MD5:   207344 9e5770a4c94cbc4f9bc8cc11a6a038f1\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_sparc.deb\n      Size/MD5:   210948 6d1d2357cec5b88c1c2269e5c16724bc\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_sparc.deb\n      Size/MD5:   172882 d04dd123def1bc4cfbf2ac0095432eea\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_sparc.deb\n      Size/MD5:   173662 6be46bbb9e92224020da49d657cb4cd4\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_sparc.deb\n      Size/MD5:    94510 9df6ae07a9218d6159b1eebde5d58606\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_sparc.deb\n      Size/MD5:    37506 89856bb1433e67fb23c8d34423d3e0a5\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_sparc.deb\n      Size/MD5:   269070 bf585dec777b0306cd80663c11b020df\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_sparc.deb\n      Size/MD5:   131466 340eaf2d2c1f129c7676a152776cfcf3\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.diff.gz\n      Size/MD5:   141838 37d5c93b425758839cbef5afea5353a2\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.dsc\n      Size/MD5:     1381 78c9a13cc2af0dbf3958a3fc98aeea84\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8.orig.tar.gz\n      Size/MD5:  6125771 39a755eb0f584c279336387b321e3dfc\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.8-1ubuntu0.14_all.deb\n      Size/MD5:  1929318 d4faaf64c2c0af807848ea171a4efa90\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.8-1ubuntu0.14_all.deb\n      Size/MD5:    72920 065d63c19b22f0f7a8f7c28952b0b408\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.8-1ubuntu0.14_all.deb\n      Size/MD5:  6258048 33c48a093bbb868ea108a50c051437cf\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14_all.deb\n      Size/MD5:    45850 07a9463a8e4fdf1a48766d5ad08b9a3c\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_amd64.deb\n      Size/MD5:   253080 3c6467ee604002a5b8ebffff8554c568\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_amd64.deb\n      Size/MD5:   248676 3c83ce9eb0a27f18b9c3a8c3e651cafa\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_amd64.deb\n      Size/MD5:   252490 cf379a515d967d89d2009be9e06d4833\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_amd64.deb\n      Size/MD5:   205592 af6cb62114d2e70bf859c32008a66433\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_amd64.deb\n      Size/MD5:   206350 9c3d5ef8e55eee98cc3e75f2ed9ffaff\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_amd64.deb\n      Size/MD5:   141660 958585d6391847cd5a618464054f7d37\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_amd64.deb\n      Size/MD5:   803974 76d23bd94465a2f96711dc1c41b31af0\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_i386.deb\n      Size/MD5:   236060 ad4c00dc10b406cc312982b7113fa468\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_i386.deb\n      Size/MD5:   231580 07ae6a192e6c859e49d48f2b2158df40\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_i386.deb\n      Size/MD5:   235308 18a44bbffcebde8f2d66fe3a6bdbab6d\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_i386.deb\n      Size/MD5:   205594 73ec71599d4c8a42a69ac3099b9d50cf\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_i386.deb\n      Size/MD5:   206374 c1524e4fa8265e7eaac046b114b8c463\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_i386.deb\n      Size/MD5:   140644 379a125b8b5b51ff8033449755ab87b8\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_i386.deb\n      Size/MD5:   755574 9de96c8719740c2525e3c0cf7836d60b\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_lpia.deb\n      Size/MD5:   235578 0265d4f6ccee2d7b5ee10cfff48fed08\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_lpia.deb\n      Size/MD5:   231234 611499fb33808ecdd232e2c5350f6838\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_lpia.deb\n      Size/MD5:   234738 d7757d2da2e542ce0fdad5994be1d8bd\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_lpia.deb\n      Size/MD5:   205592 c10ac9eb401184c379b7993b6a62cde3\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_lpia.deb\n      Size/MD5:   206358 fc91c0159b096e744c42014e6e5f8909\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_lpia.deb\n      Size/MD5:   141212 f87d5f443e5d8e1c3eda6f976b3ceb06\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_lpia.deb\n      Size/MD5:   749716 86ae389b81b057288ff3c0b69ef68656\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_powerpc.deb\n      Size/MD5:   254134 4337f858972022fa196c9a1f9bb724fb\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_powerpc.deb\n      Size/MD5:   249596 44a6e21ff8fa81d09dab19cab4caffdb\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_powerpc.deb\n      Size/MD5:   253698 f101a1709f21320716d4c9afb356f24f\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_powerpc.deb\n      Size/MD5:   205604 3f4d4f6733257a7037e35101ef792352\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_powerpc.deb\n      Size/MD5:   206386 06402188459de8dab5279b5bfef768fa\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_powerpc.deb\n      Size/MD5:   158390 0acffbdb7e5602b434c4f2805f8dc4d0\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_powerpc.deb\n      Size/MD5:   906022 28c3e8b63d123a4ca0632b3fed6720b5\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_sparc.deb\n      Size/MD5:   237422 5651f53b09c0f36e1333c569980a0eb0\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_sparc.deb\n      Size/MD5:   233152 1165607c64c57c84212b6b106254e885\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_sparc.deb\n      Size/MD5:   236606 bbe00d0707c279a16eca35258dd8f13a\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_sparc.deb\n      Size/MD5:   205598 76afcd4085fa6f39055a5a3f1ef34a43\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_sparc.deb\n      Size/MD5:   206372 5c67270e0a19d1558cf17cb21a114833\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_sparc.deb\n      Size/MD5:   143838 28e9c3811feeac70b846279e82c23430\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_sparc.deb\n      Size/MD5:   765398 92c5b054b80b6258a1c4caac8248a40a\n\nUpdated packages for Ubuntu 8.10:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.diff.gz\n      Size/MD5:   137715 0e8a6128ff37a1c064d4ce881b5d3df9\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.dsc\n      Size/MD5:     1788 5e3c3d53b68ea3053bcca3a5e19f5911\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9.orig.tar.gz\n      Size/MD5:  6396996 80d3754fc278338033296f0d41ef2c04\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.9-7ubuntu3.5_all.deb\n      Size/MD5:  2041786 cd1e98fb2064bad51f7845f203a07d79\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.9-7ubuntu3.5_all.deb\n      Size/MD5:  6538578 32e07db65f1e7b3002aedc3afce1748c\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5_all.deb\n      Size/MD5:    45474 0f1b4fb499af61a596241bd4f0f4d35d\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_amd64.deb\n      Size/MD5:   254968 f2004f847cc5cbc730599352ad1f7dc6\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_amd64.deb\n      Size/MD5:   249196 fb001fc4f192e9b8ae1bb7161925413c\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_amd64.deb\n      Size/MD5:   254360 419b942bad4cf4d959afcfa3ce4314e2\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_amd64.deb\n      Size/MD5:   208524 0d87bf6acbf1ab5dc48c68debe7c0d26\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_amd64.deb\n      Size/MD5:    84490 2a4df4b619debe549f48ac3e9e764305\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_amd64.deb\n      Size/MD5:    82838 215665711684d5b5dd04cdfa23d36462\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_amd64.deb\n      Size/MD5:   209550 496d387e315370c0cd83489db663a356\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_amd64.deb\n      Size/MD5:   147762 48061b9015c78b39b7afd834f4c81ae0\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_amd64.deb\n      Size/MD5:   820242 3497441009bc9db76a87fd2447ba433c\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_i386.deb\n      Size/MD5:   241376 488812d1a311fd67dafd5b18b6813920\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_i386.deb\n      Size/MD5:   236082 9256681808703f40e822c81b53f4ce3e\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_i386.deb\n      Size/MD5:   240668 2b6b7c11a88ed5a280f603305bee880e\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_i386.deb\n      Size/MD5:   208532 e0eccceba6cae5fb12f431ff0283a23e\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_i386.deb\n      Size/MD5:    83922 ea5f69f36e344e493cce5d9c0bc69c46\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_i386.deb\n      Size/MD5:    82320 0d9b2f9afff4b9efe924b59e9bb039ea\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_i386.deb\n      Size/MD5:   209554 f4e53148ae30d5c4f060d455e4f11f95\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_i386.deb\n      Size/MD5:   146596 5ed6a4af9378bacfb7d4a034d9923915\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_i386.deb\n      Size/MD5:   778564 ffd7752394933004094c13b00113b263\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_lpia.deb\n      Size/MD5:   238358 4955c7d577496ea4f3573345fad028a4\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_lpia.deb\n      Size/MD5:   232964 76aecf38baba17a8a968329b818ec74a\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_lpia.deb\n      Size/MD5:   237626 83f32bd08e2e206bbdb9f92cfb1a37e5\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_lpia.deb\n      Size/MD5:   208528 6672fb116e108687669c89197732fbb0\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_lpia.deb\n      Size/MD5:    83870 b8f875f197017aec0fe8203c203065d7\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_lpia.deb\n      Size/MD5:    82296 d6724391ed540b351e2b660ba98af1ca\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_lpia.deb\n      Size/MD5:   209550 263b43fb11c6d954d5a4bf7839e720a4\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_lpia.deb\n      Size/MD5:   146282 a225b8d0f48e141eea28b2369d4595c0\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_lpia.deb\n      Size/MD5:   766494 454c737e191429c43ad3f28c9e0294a0\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_powerpc.deb\n      Size/MD5:   261510 d3e1155682726cc28859156e647d97b3\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_powerpc.deb\n      Size/MD5:   256082 e49d894a6e9ab612a3cbd2f189ca3d8d\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_powerpc.deb\n      Size/MD5:   260850 bc3cd7677cd630ac00424e73a3a6b343\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_powerpc.deb\n      Size/MD5:   208542 ae1cc6b1323832528ad8f0e7130ec87d\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_powerpc.deb\n      Size/MD5:    84558 68452b686e89320007e9c5367ce36345\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_powerpc.deb\n      Size/MD5:    82908 2b8c5fc4bdec1017735dc16eba41d0a6\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_powerpc.deb\n      Size/MD5:   209562 a8da7487e3dcd1bdff008956728b8dd3\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_powerpc.deb\n      Size/MD5:   161030 a5ffe07d5e3050c8a54c4fccd3732263\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_powerpc.deb\n      Size/MD5:   926240 8282583e86e84bd256959540f39a515d\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_sparc.deb\n      Size/MD5:   246720 e54b4b9b354001a910ec9027dc90b0d2\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_sparc.deb\n      Size/MD5:   241280 1eea25472875056e34cd2c3283c60171\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_sparc.deb\n      Size/MD5:   246024 5709e7421814ecfb83fff5804d429971\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_sparc.deb\n      Size/MD5:   208528 25cdfd0177da7e5484d3d44f93257863\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_sparc.deb\n      Size/MD5:    84096 3ffbacffcc23ffc640a2ce05d35437bf\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_sparc.deb\n      Size/MD5:    82470 17d1ca84f9455c492013f4f754a1d365\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_sparc.deb\n      Size/MD5:   209546 696ef3652703523aea6208a4e51e48f1\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_sparc.deb\n      Size/MD5:   150932 44c89e0249c85eed09b6f3a6a23db59d\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_sparc.deb\n      Size/MD5:   783902 773a80d7a85a452016da3b10b1f3ae43\n\nUpdated packages for Ubuntu 9.04:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.diff.gz\n      Size/MD5:   141023 50d6737005a6d4fe601e223a39293f99\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.dsc\n      Size/MD5:     1795 59720f4d7ad291c986d92ec120750c3d\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11.orig.tar.gz\n      Size/MD5:  6806786 03e0a99a5de0f3f568a0087fb9993af9\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.11-2ubuntu2.5_all.deb\n      Size/MD5:  2219326 d29c903489b894ddf88b23a0fec23e5c\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5_all.deb\n      Size/MD5:    46636 ee03585b00f277ed98c0de07a683317a\n    http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-src_2.2.11-2ubuntu2.5_all.deb\n      Size/MD5:  6948222 a3505a83c13cf36c86248079127dd84d\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_amd64.deb\n      Size/MD5:   259028 5e9bddefad4c58c3ef9fd15d7a06988d\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_amd64.deb\n      Size/MD5:   253218 ee1bfbb759ffade3a52a6782e2f4b66d\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_amd64.deb\n      Size/MD5:   258414 8ef063026de9790bac1965427ce1b584\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_amd64.deb\n      Size/MD5:   213294 09701d434bd102e4205e551b4525afd1\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_amd64.deb\n      Size/MD5:   214258 e98de48ea01e1132c5f1248a9a018745\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_amd64.deb\n      Size/MD5:   151140 2f7c7f14b843b2c24de8c67356406449\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_amd64.deb\n      Size/MD5:   826834 28abdf1c7be886e9be2825d351abaec7\n    http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_amd64.deb\n      Size/MD5:    87818 670c62615e107920c45893b3377ab2a0\n    http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_amd64.deb\n      Size/MD5:    86094 5a7c68fd37066287b4819cba4cfed1f2\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_i386.deb\n      Size/MD5:   245538 952540b7679ebc8d3ffc953f32d3be0f\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_i386.deb\n      Size/MD5:   240048 08a7fd4888ffd9188890e57c613c4be7\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_i386.deb\n      Size/MD5:   244914 955bb5121da808d44aa994386d90723f\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_i386.deb\n      Size/MD5:   213308 dd16143608ff8c41cb2d5cd27212a57e\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_i386.deb\n      Size/MD5:   214280 1e1f5d6feef40413f823a19126a018e3\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_i386.deb\n      Size/MD5:   150046 0769d86d26282d1d31615050ae5b8915\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_i386.deb\n      Size/MD5:   784198 8760e9c37147d0472dbbfe941c058829\n    http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_i386.deb\n      Size/MD5:    87182 21980cb1035d05f69b857870bbcbc085\n    http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_i386.deb\n      Size/MD5:    85572 6a1b8a5e4cb19e815e88335757b06cf3\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_lpia.deb\n      Size/MD5:   242386 859ad63822b7e82c81cd6dcaca088c4a\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_lpia.deb\n      Size/MD5:   236924 200538ce94218c9d8af8532636bfd40a\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_lpia.deb\n      Size/MD5:   241822 3a3183ea4ee77d2677919d3b698f92a1\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_lpia.deb\n      Size/MD5:   213286 bf81273b1db0a4a621085171c2b2b421\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_lpia.deb\n      Size/MD5:   214264 ed278dab71289d2baae2ea409382fbf8\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_lpia.deb\n      Size/MD5:   149758 75f6e2d7bd1cdfe5b1806062c3c859df\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_lpia.deb\n      Size/MD5:   773424 c7cdc26051bd9443ae25b73776537fb5\n    http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_lpia.deb\n      Size/MD5:    87132 32e7ea89c96a0afce7ce1da457d947fb\n    http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_lpia.deb\n      Size/MD5:    85550 1d9b5963aa6ea5c01492ec417ab8510a\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_powerpc.deb\n      Size/MD5:   265476 5d03fe6b2da8de98c876941ff78b066f\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_powerpc.deb\n      Size/MD5:   260478 3e3aeaaf496cc86c62a831c59994c1f2\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_powerpc.deb\n      Size/MD5:   265154 5eae30e7a33c09b37483f3aab595d0e9\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_powerpc.deb\n      Size/MD5:   213314 879534ebabbb8be86b606e1800dc9cf8\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_powerpc.deb\n      Size/MD5:   214286 922033231a6aa67ecca1c400d47f09c1\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_powerpc.deb\n      Size/MD5:   164444 74faf68f0baeffcd011155ca9b201039\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_powerpc.deb\n      Size/MD5:   932416 2911758e4ad1b3b401369621301ea76f\n    http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_powerpc.deb\n      Size/MD5:    87876 1d45c033ec5498c092f30188cf1d481e\n    http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_powerpc.deb\n      Size/MD5:    86154 52c1d8806d52fef6f43ab53662953953\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_sparc.deb\n      Size/MD5:   250786 4e8e98dcba5543394ed5f07d141ce408\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_sparc.deb\n      Size/MD5:   245094 a82bf04fc92b8c275b0c0f25cc81ff91\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_sparc.deb\n      Size/MD5:   250110 092cf734813ae1d127d7b4f498f936c1\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_sparc.deb\n      Size/MD5:   213312 98d7062a6bdb58637f7e850b76bfbc80\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_sparc.deb\n      Size/MD5:   214286 a378e2e0418631cec0f398379a446172\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_sparc.deb\n      Size/MD5:   154284 ce8b7bbccd359675b70426df15becfed\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_sparc.deb\n      Size/MD5:   789298 11f088b18425b97367d5bc141da2ef2f\n    http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_sparc.deb\n      Size/MD5:    87384 477b6594866c8c73a8a3603e7e646c68\n    http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_sparc.deb\n      Size/MD5:    85686 5562ea5a0e6f01ba12adda3afb65c1b0\n\nUpdated packages for Ubuntu 9.10:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.diff.gz\n      Size/MD5:   185244 1ef59f9642bd9efa35e0808ea804cd0b\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.dsc\n      Size/MD5:     1888 d3bfdecefdd8b1adec8ab35dcf85d2b3\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12.orig.tar.gz\n      Size/MD5:  6678149 17f017b571f88aa60abebfe2945d7caf\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.12-1ubuntu2.1_all.deb\n      Size/MD5:  2246560 be12bcc117bf165ffd3401486186762e\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.12-1ubuntu2.1_all.deb\n      Size/MD5:     2336 009d381342b0be5280835a46c91f01d9\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.12-1ubuntu2.1_all.deb\n      Size/MD5:     2374 7545a3750acea08e95bee86f6a3247e2\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.12-1ubuntu2.1_all.deb\n      Size/MD5:     2314 17719223d92d46821098ce178b5947d6\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.12-1ubuntu2.1_all.deb\n      Size/MD5:   284782 4321e3201d8e8d1a9e3c6fbe6864102b\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1_all.deb\n      Size/MD5:     1424 7b4d96008368549d5600a8c1f64a7559\n    http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-mpm-itk_2.2.12-1ubuntu2.1_all.deb\n      Size/MD5:     2366 46add3d428c97fa69a8848a3e4025bb0\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_amd64.deb\n      Size/MD5:   137080 91e4f72d0f1f0abe91555e1497558fc2\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_amd64.deb\n      Size/MD5:   138176 5fd6a5ed536306528f9f2c1a0281ad70\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_amd64.deb\n      Size/MD5:   156646 cfa55666363303b3f44a24fa2929bf01\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_amd64.deb\n      Size/MD5:  1399630 82b36d57faa29a646e72a1125600c11c\n    http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_amd64.deb\n      Size/MD5:    92488 ddebef9d1a537520380f85b63c512bef\n    http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_amd64.deb\n      Size/MD5:    90880 c6d163edf145da8ff6d102dc0dd1f8d7\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_i386.deb\n      Size/MD5:   137102 69dcd0519ca612e02102f52dcb50bf7f\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_i386.deb\n      Size/MD5:   138200 17221b53903d664823a55faa1ec4d9a9\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_i386.deb\n      Size/MD5:   155166 4347806710edff47fc051b4a68d5b448\n    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_i386.deb\n      Size/MD5:  1309136 d9a7df212b315fc6f77fc87fa8eb4a04\n    http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_i386.deb\n      Size/MD5:    91876 289bf732dd4750a2ce61ab121b04b079\n    http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_i386.deb\n      Size/MD5:    90316 add7f446f6b524343c0066a486dd299a\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_lpia.deb\n      Size/MD5:   137088 571e9f0370b5687acff25f71c4efe33e\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_lpia.deb\n      Size/MD5:   138192 816a6e033f02114553bbb3627b9c6f9c\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_lpia.deb\n      Size/MD5:   155090 af8272dc794250c30cd2f66b82486dc2\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_lpia.deb\n      Size/MD5:  1290606 4c51de07f5a6fe9612de45369e6f35a5\n    http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_lpia.deb\n      Size/MD5:    91830 06866386df811127f4fd71d6fb2a9e2a\n    http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_lpia.deb\n      Size/MD5:    90312 9e68bd8111503135a4eae7265b0084ae\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_powerpc.deb\n      Size/MD5:   137096 61b24dbeb12d7998e5d7014c26410a99\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_powerpc.deb\n      Size/MD5:   138202 599898ff374bde8bfa388e2615064c5a\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_powerpc.deb\n      Size/MD5:   161058 fea8f5b9a80bef9c4cb3405bc37160af\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_powerpc.deb\n      Size/MD5:  1390150 fb1a244728a509586b77d02930fcf10f\n    http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_powerpc.deb\n      Size/MD5:    92400 572c3b0aa5ab717e8c4e4e8248aff1ff\n    http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_powerpc.deb\n      Size/MD5:    90774 82011ebc757d31e690698cf9913e3adc\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_sparc.deb\n      Size/MD5:   137098 7f566dfade1678c72eac7dd923ab5987\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_sparc.deb\n      Size/MD5:   138202 09fbc3145d768cf1f204d47b50e21528\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_sparc.deb\n      Size/MD5:   159488 7cb6c81588adaee162b8c85a1f69e7a7\n    http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_sparc.deb\n      Size/MD5:  1297936 106b0b71f5e928c1d543973b5b1f015b\n    http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_sparc.deb\n      Size/MD5:    92166 28899fe31226880dfa961d8b05e8fa43\n    http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_sparc.deb\n      Size/MD5:    90554 f207de0099ed259e2af736e8c82f91c2\n\n\n. Note\n that this security issue does not really apply as zlib compression\n is not enabled in the openssl build provided by Mandriva, but apache\n is patched to address this issue anyway (conserns 2008.1 only). \n \n Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the\n mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c\n in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions,\n allows remote attackers to inject arbitrary web script or HTML via\n wildcards in a pathname in an FTP URI (CVE-2008-2939). Note that this\n security issue was initially addressed with MDVSA-2008:195 but the\n patch fixing the issue was added but not applied in 2009.0. \n \n The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not\n properly handle Options=IncludesNOEXEC in the AllowOverride directive,\n which allows local users to gain privileges by configuring (1) Options\n Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a\n .htaccess file, and then inserting an exec element in a .shtml file\n (CVE-2009-1195). \n \n Fix a potential Denial-of-Service attack against mod_deflate or other\n modules, by forcing the server to consume CPU time in compressing a\n large file after a client disconnects (CVE-2009-1891).  NOTE: as of 20090903,\n this disclosure has no actionable information. However, because the\n VulnDisco Pack author is a reliable researcher, the issue is being\n assigned a CVE identifier for tracking purposes (CVE-2009-3095). \n \n Apache is affected by SSL injection or man-in-the-middle attacks\n due to a design flaw in the SSL and/or TLS protocols. A short term\n solution was released Sat Nov 07 2009 by the ASF team to mitigate\n these problems. Apache will now reject in-session renegotiation\n (CVE-2009-3555). \n \n Packages for 2008.0 are being provided due to extended support for\n Corporate products. \n \n This update provides a solution to these vulnerabilities. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1678\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555\n http://marc.info/?l=apache-httpd-announce\u0026m=125755783724966\u0026w=2\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n dd2bebdd6726d2d865331d37068a90b7  2008.0/i586/apache-base-2.2.6-8.3mdv2008.0.i586.rpm\n 6de9d36a91b125cc03bafe911b7a38a2  2008.0/i586/apache-devel-2.2.6-8.3mdv2008.0.i586.rpm\n ab7963efad1b7951c94a24075a2070e7  2008.0/i586/apache-htcacheclean-2.2.6-8.3mdv2008.0.i586.rpm\n 42a53b597d5547fb88b7427cacd617a1  2008.0/i586/apache-mod_authn_dbd-2.2.6-8.3mdv2008.0.i586.rpm\n 1dff9d313e93c94e907d8c72348ed2e0  2008.0/i586/apache-mod_cache-2.2.6-8.3mdv2008.0.i586.rpm\n b575ede2978ad47e41d355bd8b192725  2008.0/i586/apache-mod_dav-2.2.6-8.3mdv2008.0.i586.rpm\n 8ff3dee24d2d2d9a8d13e567cf1eaced  2008.0/i586/apache-mod_dbd-2.2.6-8.3mdv2008.0.i586.rpm\n 7bae541dfec14b21700878514750de83  2008.0/i586/apache-mod_deflate-2.2.6-8.3mdv2008.0.i586.rpm\n 19cab766a26ce53bd7e7973ed92f0db4  2008.0/i586/apache-mod_disk_cache-2.2.6-8.3mdv2008.0.i586.rpm\n a1336e4ab4f282c388d7565bde4557fd  2008.0/i586/apache-mod_file_cache-2.2.6-8.3mdv2008.0.i586.rpm\n 6b2f2eb949977349390fa3b06cf257e7  2008.0/i586/apache-mod_ldap-2.2.6-8.3mdv2008.0.i586.rpm\n 3640bbef5262ec0407126e31dd5ddde3  2008.0/i586/apache-mod_mem_cache-2.2.6-8.3mdv2008.0.i586.rpm\n 98793747365606baabc08f22e36a0a04  2008.0/i586/apache-mod_proxy-2.2.6-8.3mdv2008.0.i586.rpm\n d7fe4d88f25d2a01b0809ab5292b0999  2008.0/i586/apache-mod_proxy_ajp-2.2.6-8.3mdv2008.0.i586.rpm\n 4c9f48adbd0b1d45a874f06b9275ebe3  2008.0/i586/apache-mod_ssl-2.2.6-8.3mdv2008.0.i586.rpm\n e5a1d9476316ccc9f183cb1ae5bbcf31  2008.0/i586/apache-modules-2.2.6-8.3mdv2008.0.i586.rpm\n 44f7810695a40519c68930695829f124  2008.0/i586/apache-mod_userdir-2.2.6-8.3mdv2008.0.i586.rpm\n d6f666e9954422664d1f029fc147b591  2008.0/i586/apache-mpm-event-2.2.6-8.3mdv2008.0.i586.rpm\n 75e205ddbc9313b8d02519e57919923a  2008.0/i586/apache-mpm-itk-2.2.6-8.3mdv2008.0.i586.rpm\n 6d68e8fa7baccc2ad090c703fb33458e  2008.0/i586/apache-mpm-prefork-2.2.6-8.3mdv2008.0.i586.rpm\n 331f18ce48403472fc7f8af6d5daee8e  2008.0/i586/apache-mpm-worker-2.2.6-8.3mdv2008.0.i586.rpm\n c75e69bcabc104938cb9033e591d1de8  2008.0/i586/apache-source-2.2.6-8.3mdv2008.0.i586.rpm \n 23fcdf29e21b0146fb5646baca2fa63b  2008.0/SRPMS/apache-2.2.6-8.3mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 3d4afe3f8da8369d80b6c195e132c5c0  2008.0/x86_64/apache-base-2.2.6-8.3mdv2008.0.x86_64.rpm\n 37034ee7c7eb813de2a00a6945a10248  2008.0/x86_64/apache-devel-2.2.6-8.3mdv2008.0.x86_64.rpm\n ba296f9aa229a616a2c406d1a16912c3  2008.0/x86_64/apache-htcacheclean-2.2.6-8.3mdv2008.0.x86_64.rpm\n 77fa75d36e7a4bbe154c846e3271e7a3  2008.0/x86_64/apache-mod_authn_dbd-2.2.6-8.3mdv2008.0.x86_64.rpm\n ca29e2db08b29e319f2392b46ea4c3fe  2008.0/x86_64/apache-mod_cache-2.2.6-8.3mdv2008.0.x86_64.rpm\n 3fbf5a0276adaa2d887a92482d81313f  2008.0/x86_64/apache-mod_dav-2.2.6-8.3mdv2008.0.x86_64.rpm\n 9c66e471c2d2d3e43462302d0cc6f1c9  2008.0/x86_64/apache-mod_dbd-2.2.6-8.3mdv2008.0.x86_64.rpm\n 05020102a26a28b96319b23e3b6e43d6  2008.0/x86_64/apache-mod_deflate-2.2.6-8.3mdv2008.0.x86_64.rpm\n 7191542417b30ed77334f1b8366628aa  2008.0/x86_64/apache-mod_disk_cache-2.2.6-8.3mdv2008.0.x86_64.rpm\n f4177dbdcfd2e3dc8e66be731ad731c4  2008.0/x86_64/apache-mod_file_cache-2.2.6-8.3mdv2008.0.x86_64.rpm\n fea417664f0a2689fa12308bd80c2fe4  2008.0/x86_64/apache-mod_ldap-2.2.6-8.3mdv2008.0.x86_64.rpm\n 9cf956fa426e6bdf6497337b6e26a2ab  2008.0/x86_64/apache-mod_mem_cache-2.2.6-8.3mdv2008.0.x86_64.rpm\n 0d9d04ca878bb3f19f4764152da42d82  2008.0/x86_64/apache-mod_proxy-2.2.6-8.3mdv2008.0.x86_64.rpm\n dbbcd75dd83779f54f98fa3e16b59f13  2008.0/x86_64/apache-mod_proxy_ajp-2.2.6-8.3mdv2008.0.x86_64.rpm\n dce8db6742ba28a71e18b86bb38688c8  2008.0/x86_64/apache-mod_ssl-2.2.6-8.3mdv2008.0.x86_64.rpm\n 2ff69d6e9c2cd3250f6746d4a7d921fd  2008.0/x86_64/apache-modules-2.2.6-8.3mdv2008.0.x86_64.rpm\n f298827d4dfa631a77907f7f5733fa29  2008.0/x86_64/apache-mod_userdir-2.2.6-8.3mdv2008.0.x86_64.rpm\n 6f02fb080e308ca0826fdb1ef00a1489  2008.0/x86_64/apache-mpm-event-2.2.6-8.3mdv2008.0.x86_64.rpm\n b886d30d73c60a515b3ed36d7f186378  2008.0/x86_64/apache-mpm-itk-2.2.6-8.3mdv2008.0.x86_64.rpm\n 62d7754a5aa7af596cc06cd540d4025f  2008.0/x86_64/apache-mpm-prefork-2.2.6-8.3mdv2008.0.x86_64.rpm\n d3438e0967978e580be896bd85f1d953  2008.0/x86_64/apache-mpm-worker-2.2.6-8.3mdv2008.0.x86_64.rpm\n e72af335ec7c3c02b5a494fbd6e99e0e  2008.0/x86_64/apache-source-2.2.6-8.3mdv2008.0.x86_64.rpm \n 23fcdf29e21b0146fb5646baca2fa63b  2008.0/SRPMS/apache-2.2.6-8.3mdv2008.0.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFLHQcamqjQ0CJFipgRAsJgAKDf5oc5UbEz3j+qsMn3tL6F8cujygCfY+cu\nMUj4lK2Wsb+qzbv2V+Ih30U=\n=VdZS\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1934-1                  security@debian.org\nhttp://www.debian.org/security/                           Stefan Fritsch\nNovember 16, 2009                     http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage        : apache2\nVulnerability  : multiple issues\nProblem type   : remote\nDebian-specific: no\nCVE Id(s)      : CVE-2009-3094 CVE-2009-3095 CVE-2009-3555\n\n\nA design flaw has been found in the TLS and SSL protocol that allows\nan attacker to inject arbitrary content at the beginning of a TLS/SSL\nconnection. The attack is related to the way how TLS and SSL handle\nsession renegotiations. CVE-2009-3555 has been assigned to this\nvulnerability. \n\nAs a partial mitigation against this attack, this apache2 update\ndisables client-initiated renegotiations. This should fix the\nvulnerability for the majority of Apache configurations in use. \n\nNOTE: This is not a complete fix for the problem. The attack is\nstill possible in configurations where the server initiates the\nrenegotiation. This is the case for the following configurations\n(the information in the changelog of the updated packages is\nslightly inaccurate):\n\n- - The \"SSLVerifyClient\" directive is used in a Directory or Location\n  context. \n- - The \"SSLCipherSuite\" directive is used in a Directory or Location\n  context. \n\nAs a workaround, you may rearrange your configuration in a way that\nSSLVerifyClient and SSLCipherSuite are only used on the server or\nvirtual host level. \n\nA complete fix for the problem will require a protocol change. Further\ninformation will be included in a separate announcement about this\nissue. \n\nCVE-2009-3095: Insufficient input validation in the mod_proxy_ftp\nmodule allowed remote authenticated attackers to bypass intended access\nrestrictions and send arbitrary FTP commands to an FTP server. \n\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.2.9-10+lenny6. This version also includes some non-security\nbug fixes that were scheduled for inclusion in the next stable point\nrelease (Debian 5.0.4). \n\nThe oldstable distribution (etch), these problems have been fixed in\nversion 2.2.3-4+etch11. \n\nFor the testing distribution (squeeze) and the unstable distribution\n(sid), these problems will be fixed in version 2.2.14-2. \n\nThis advisory also provides updated apache2-mpm-itk packages which\nhave been recompiled against the new apache2 packages. \n\nUpdated apache2-mpm-itk packages for the armel architecture are not\nincluded yet. They will be released as soon as they become available. \n\n\nWe recommend that you upgrade your apache2 and apache2-mpm-itk packages. \n\nUpgrade instructions\n- --------------------\n\nwget url\n        will fetch the file for you\ndpkg -i file.deb\n        will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n        will update the internal database\napt-get upgrade\n        will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 4.0 alias etch (oldstable)\n- -------------------------------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11.dsc\n    Size/MD5 checksum:     1071 dff8f31d88ede35bb87f92743d2db202\n  http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3.orig.tar.gz\n    Size/MD5 checksum:  6342475 f72ffb176e2dc7b322be16508c09f63c\n  http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11.diff.gz\n    Size/MD5 checksum:   124890 c9b197b2a4bade4e92f3c65b88eea614\n\nArchitecture independent packages:\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.3-4+etch11_all.deb\n    Size/MD5 checksum:  2247064 357f2daba8360eaf00b0157326c4d258\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.3-4+etch11_all.deb\n    Size/MD5 checksum:  6668542 043a6a14dc48aae5fa8101715f4ddf81\n  http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11_all.deb\n    Size/MD5 checksum:    41626 27661a99c55641d534a5ffe4ea828c4b\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.2.3-4+etch11_all.deb\n    Size/MD5 checksum:   275872 8ff0ac120a46e235a9253df6be09e4d5\n\nalpha architecture (DEC Alpha)\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_alpha.deb\n    Size/MD5 checksum:   346016 02b337e48ef627e13d79ad3919bc380d\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_alpha.deb\n    Size/MD5 checksum:   407682 f01d7e23f206baed1e42c60e15fe240f\n  http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_alpha.deb\n    Size/MD5 checksum:  1017408 1c8dccbed0a309ed0b74b83667f1d587\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_alpha.deb\n    Size/MD5 checksum:   449704 b227ff8c9bceaa81488fec48b81f18f6\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_alpha.deb\n    Size/MD5 checksum:   450266 766ba095925ee31c175716084f41b3cf\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_alpha.deb\n    Size/MD5 checksum:   444898 3b1d9a9531c82872d36ce295d6cba581\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_alpha.deb\n    Size/MD5 checksum:   407030 eedabbc4930b3c14012f57ec7956847b\n  http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_alpha.deb\n    Size/MD5 checksum:   184920 2d152290678598aeacd32564c2ec37c2\n\namd64 architecture (AMD x86_64 (AMD64))\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_amd64.deb\n    Size/MD5 checksum:   409010 15d5dda7eb1e9e8d406cd9ff4b25e60f\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_amd64.deb\n    Size/MD5 checksum:   408330 0bf271280295146f4ded8c02335e8fc1\n  http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_amd64.deb\n    Size/MD5 checksum:  1000068 f92b3deafb9ce263d0d66b753231a003\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_amd64.deb\n    Size/MD5 checksum:   436268 9ef6b02f0ecf9905c14114a464c86f80\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_amd64.deb\n    Size/MD5 checksum:   432320 b734b0c2f1d2177a828cff7d8e34d17c\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_amd64.deb\n    Size/MD5 checksum:   342152 ef061f914027b41b788a31758d7c4e96\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_amd64.deb\n    Size/MD5 checksum:   436766 deb97a3637ae8be3e016e37c038bc470\n  http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_amd64.deb\n    Size/MD5 checksum:   172802 0550f661c804ef0c0ec31e1928f5f97d\n\narm architecture (ARM)\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_arm.deb\n    Size/MD5 checksum:   421056 b55b215aee8398e6388a73b421229db7\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_arm.deb\n    Size/MD5 checksum:   408940 8782732ef6487ef268abf2856ec5e2c0\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_arm.deb\n    Size/MD5 checksum:   408140 f3627e52eaf7a011a5a624ea25fa058b\n  http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_arm.deb\n    Size/MD5 checksum:   968448 ac1354c562e7969e47561f4cba3a859b\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_arm.deb\n    Size/MD5 checksum:   346166 a8729d03737330075908c2b8b2f5ce0b\n  http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_arm.deb\n    Size/MD5 checksum:   157634 53c277ca7e52e7e60a523183e87beec3\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_arm.deb\n    Size/MD5 checksum:   421782 b17f7ce0bfd6fee4877d9bccaf82770e\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_arm.deb\n    Size/MD5 checksum:   417026 03b845039bf49fba64f064acda350f43\n\nhppa architecture (HP PA RISC)\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_hppa.deb\n    Size/MD5 checksum:   444058 16fb9ac5807fcf161321ffc8467e963d\n  http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_hppa.deb\n    Size/MD5 checksum:   179532 b1f7b89ac1e830b72e30c9476b813263\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_hppa.deb\n    Size/MD5 checksum:   352116 f34f19a1bf40a37695ac0aeb3f5b6d10\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_hppa.deb\n    Size/MD5 checksum:   443324 e7106e9195fcd9f34ced7bccb009cbb7\n  http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_hppa.deb\n    Size/MD5 checksum:  1078948 29a60062b3f7676f768dda1d4cdb78fd\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_hppa.deb\n    Size/MD5 checksum:   439968 6ff5b95ba06596c04f2fc7dc3adac7ac\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_hppa.deb\n    Size/MD5 checksum:   410880 28ce1d24c4e152624c38330d34781636\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_hppa.deb\n    Size/MD5 checksum:   409994 2ce21d9fc51fbbeb5e05ac7c418d7e11\n\ni386 architecture (Intel ia32)\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_i386.deb\n    Size/MD5 checksum:   409776 04bafa059e90c14851f290c02fc7a29e\n  http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_i386.deb\n    Size/MD5 checksum:   963818 f2755fd250837dd878a24ffc8527855d\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_i386.deb\n    Size/MD5 checksum:   425034 fc0b075a77853494886719b1bf4d7092\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_i386.deb\n    Size/MD5 checksum:   421206 d2758678dc6dcfb2298a5e69dbd199d0\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_i386.deb\n    Size/MD5 checksum:   425510 5df035120241567d62ba4154a7ade25f\n  http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_i386.deb\n    Size/MD5 checksum:   161256 614f006996e6309829bf7c80bb95e3ed\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_i386.deb\n    Size/MD5 checksum:   410518 833b5256083de5f76d83354f63916af2\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_i386.deb\n    Size/MD5 checksum:   343876 435638e472ccb187c7713f96840cf156\n\nia64 architecture (Intel ia64)\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_ia64.deb\n    Size/MD5 checksum:   407664 9929d570df08ea81c10235d8cfad8cec\n  http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_ia64.deb\n    Size/MD5 checksum:   231808 505ed0109a851680126951f228f4ed40\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_ia64.deb\n    Size/MD5 checksum:   491120 d1ef23e9bbd457b1c30d50234050b112\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_ia64.deb\n    Size/MD5 checksum:   498202 f430c9b4231122f996799b45d68596a3\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_ia64.deb\n    Size/MD5 checksum:   407018 f721b04b90b8b2b5ec76916488395bdd\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_ia64.deb\n    Size/MD5 checksum:   360664 08763e41786b3c5b28cf3e27d234419d\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_ia64.deb\n    Size/MD5 checksum:   497388 6ef80d442fbf5046e78b9b2a0637adb9\n  http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_ia64.deb\n    Size/MD5 checksum:  1204566 d1cc5f38e5683c539db6673611585b67\n\nmips architecture (MIPS (Big Endian))\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mips.deb\n    Size/MD5 checksum:   430112 01c3cf5fc888bff3967c95736b3caf40\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mips.deb\n    Size/MD5 checksum:   407674 688656128f0f46e8b35da61d731e244f\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mips.deb\n    Size/MD5 checksum:   434122 791a223b58a6a3a00fdd5517decc6ff2\n  http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mips.deb\n    Size/MD5 checksum:   951736 68a93c433a24dd42b461907c2b61c6d2\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mips.deb\n    Size/MD5 checksum:   407022 10cf7a6fa3ad60183a80b7fddc08ed98\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mips.deb\n    Size/MD5 checksum:   350066 ab3498abf9ddc41f0665be9c2912beab\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mips.deb\n    Size/MD5 checksum:   434784 2d07f9376a7c7eb6229e0c5238e604fc\n  http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mips.deb\n    Size/MD5 checksum:   169932 db0ecd6b89594ecbff3bacd9d184f808\n\nmipsel architecture (MIPS (Little Endian))\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mipsel.deb\n    Size/MD5 checksum:   428958 3c7b9e69ccbeb0db17d437ece3717b65\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mipsel.deb\n    Size/MD5 checksum:   407040 61a67a76dd0acfaeb747d5ee745cb3fa\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mipsel.deb\n    Size/MD5 checksum:   433736 74adf126949edfd4b1af734b3a8255f8\n  http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mipsel.deb\n    Size/MD5 checksum:   951730 3c9d5a12163e7d1c939d26829a4454f1\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mipsel.deb\n    Size/MD5 checksum:   407694 0297490b8b4aff5e1a4527a9c897fbee\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mipsel.deb\n    Size/MD5 checksum:   350302 843a3c227ba43dc4b882c96cad62a6eb\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mipsel.deb\n    Size/MD5 checksum:   434220 b18b6688a18a11d7bfa20d486c13ae64\n  http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mipsel.deb\n    Size/MD5 checksum:   168814 6eedc4fb9e8027cf6d11c427a1cc4f8c\n\npowerpc architecture (PowerPC)\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_powerpc.deb\n    Size/MD5 checksum:  1061292 0a43b7054755c361229d5e14db9c3156\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_powerpc.deb\n    Size/MD5 checksum:   432806 ebe9b3113da3361dabf67acd291f9d93\n  http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_powerpc.deb\n    Size/MD5 checksum:   168374 ab7eb4de4a4c224a94698ebb67f627ea\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_powerpc.deb\n    Size/MD5 checksum:   433416 0c53941e7e8765780e4e4a71f81a592b\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_powerpc.deb\n    Size/MD5 checksum:   354920 0682a419e0d59ff5a2af1f322991b157\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_powerpc.deb\n    Size/MD5 checksum:   410150 69ddc8b0b8ec235e65eabde0adbc1db7\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_powerpc.deb\n    Size/MD5 checksum:   428826 f556fd9726b4c66bbe6fdc05b84d9918\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_powerpc.deb\n    Size/MD5 checksum:   409396 d4b779470977873916bff7353829f172\n\ns390 architecture (IBM S/390)\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_s390.deb\n    Size/MD5 checksum:   437364 0d844765789f2fcc4cf0c24e755b4c3d\n  http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_s390.deb\n    Size/MD5 checksum:   994710 63d476187cc9eed384ff792ce8b6f471\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_s390.deb\n    Size/MD5 checksum:   443278 114375b6439d8a9cf344dd4829c7b6d2\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_s390.deb\n    Size/MD5 checksum:   407682 e0db3031b4bb381a0f3178569d4c514a\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_s390.deb\n    Size/MD5 checksum:   442268 219d9f7f67d2a53a3c3e700c68a6d682\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_s390.deb\n    Size/MD5 checksum:   348624 ac97c9840e0cb11a1cf1e44fd1875015\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_s390.deb\n    Size/MD5 checksum:   407026 6233c65e8860b416d7a6265ae2c2eda4\n  http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_s390.deb\n    Size/MD5 checksum:   177986 634687237fd58d539bc9492415a94b77\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_sparc.deb\n    Size/MD5 checksum:   418896 96bdf44ad9d8c1d86ee3aaf383c9dcce\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_sparc.deb\n    Size/MD5 checksum:   412078 c9aab17ccba1846ea02df78f636a28a6\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_sparc.deb\n    Size/MD5 checksum:   342696 7dd353d553f6a495c506b22f60ff2a0d\n  http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_sparc.deb\n    Size/MD5 checksum:   158054 60de9a240c905bdb6ffa0ab6c032096d\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_sparc.deb\n    Size/MD5 checksum:   422966 edb7194c73d08c0bdb1eed6bd19ceb53\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_sparc.deb\n    Size/MD5 checksum:   422444 ad0a85ada33d687e1fc67b0fa3c40244\n  http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_sparc.deb\n    Size/MD5 checksum:   960150 0dae013a3e07502409918ff649cb1375\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_sparc.deb\n    Size/MD5 checksum:   411290 88e769a08329b6728c6fd0770d241874\n\n\nDebian GNU/Linux 5.0 alias lenny (stable)\n- -----------------------------------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9.orig.tar.gz\n    Size/MD5 checksum:  6396996 80d3754fc278338033296f0d41ef2c04\n  http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.dsc\n    Size/MD5 checksum:     1673 f6846ac2d9cbd7887629a9c503154310\n  http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.diff.gz\n    Size/MD5 checksum:   145719 fd456ef168b7f1ca1055ffbca1df53db\n\nArchitecture independent packages:\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.9-10+lenny6_all.deb\n    Size/MD5 checksum:  2060318 c2499fa1040a9ace89c1a969de4db870\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.9-10+lenny6_all.deb\n    Size/MD5 checksum:  6736558 e09131a305cf2e51d3c14ed7c1beaf5d\n  http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6_all.deb\n    Size/MD5 checksum:    45238 922ce7e9d14885bab9c9cbbfab99fbd3\n\nalpha architecture (DEC Alpha)\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_alpha.deb\n    Size/MD5 checksum:   209720 29861b61a3ae0912a7eb1ba2096b0421\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_alpha.deb\n    Size/MD5 checksum:    84444 af60f321516a06fc9588433ba2c1a88e\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_alpha.deb\n    Size/MD5 checksum:   256598 730d50c0f57ba7aad84e6897217bf42d\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_alpha.deb\n    Size/MD5 checksum:  2402082 b932e642a152e30f948437d7313d2dcf\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_alpha.deb\n    Size/MD5 checksum:    82728 bb04bbeae7865acad1ae89e943702623\n  http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_alpha.deb\n    Size/MD5 checksum:   198236 61b2f1529a056145d9ea8a87c5c5e8c0\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_alpha.deb\n    Size/MD5 checksum:   208690 f6d15e0b6fa15a3738e9130b4044ce37\n  http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_alpha.deb\n    Size/MD5 checksum:   849014 dddd323a55b010c29a8626194b71a7a1\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_alpha.deb\n    Size/MD5 checksum:   147844 40f11b60e0f5154680f16c1c67943101\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_alpha.deb\n    Size/MD5 checksum:   261662 7b88269d9ce2877809a0f47daa4e756d\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_alpha.deb\n    Size/MD5 checksum:   262336 eced46181f89a7f8ee636c0dce4789f7\n\namd64 architecture (AMD x86_64 (AMD64))\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_amd64.deb\n    Size/MD5 checksum:   210246 bb629f54f383bfcce66a6bf0bc1a2b6d\n  http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_amd64.deb\n    Size/MD5 checksum:   825462 051201fb8baa9a7a961961dd5082929a\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_amd64.deb\n    Size/MD5 checksum:   257694 3b8c5bff06a870ccd062ce53771a43a4\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_amd64.deb\n    Size/MD5 checksum:   211268 5e07756440fecd3a3ee3815a6cff3ff5\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_amd64.deb\n    Size/MD5 checksum:   258424 92c5467fbef1d4da6803507b679df099\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_amd64.deb\n    Size/MD5 checksum:    82532 40718aa8ebb6532404fad4b5ee2a1e09\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_amd64.deb\n    Size/MD5 checksum:    84140 743b1e0fd988539a7346bddbcd573767\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_amd64.deb\n    Size/MD5 checksum:   253708 bcc5c9f767c1e62913af45827f04b83f\n  http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_amd64.deb\n    Size/MD5 checksum:   195214 42f4650b895a51b853c253bbbd1e2cc0\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_amd64.deb\n    Size/MD5 checksum:  2455308 9b8792a5defa5193d825d31dc47b43f2\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_amd64.deb\n    Size/MD5 checksum:   144980 240232c2f4932579c60ecee786c0af26\n\narm architecture (ARM)\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_arm.deb\n    Size/MD5 checksum:   224760 9615e8207a01d2759de57b58cd885286\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_arm.deb\n    Size/MD5 checksum:    83230 c840cb7342a3a83e0587fd3baacce760\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_arm.deb\n    Size/MD5 checksum:  2327178 39819fd5f56728620aaefdbe10887c2b\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_arm.deb\n    Size/MD5 checksum:   147202 f7ebf064272389cf2dd7db7bfe3ff267\n  http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_arm.deb\n    Size/MD5 checksum:   161596 b7a2763998f12394ecae68df6ec73fbb\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_arm.deb\n    Size/MD5 checksum:   223898 fbd3f6bc3340643f55862e5b14947345\n  http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_arm.deb\n    Size/MD5 checksum:   786918 a142a6fbee216aaa87378bdc53773eb2\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_arm.deb\n    Size/MD5 checksum:   209812 2e4b61b494abdd8e52b219456a82e499\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_arm.deb\n    Size/MD5 checksum:   219946 4ac3564788d25b492a833e2df463b41e\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_arm.deb\n    Size/MD5 checksum:    81412 abe1efff8619aac89534c3f4d57c5356\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_arm.deb\n    Size/MD5 checksum:   211008 865b518f1a18de1020feb2212b137a6c\n\narmel architecture (ARM EABI)\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_armel.deb\n    Size/MD5 checksum:   212612 2b8654bdda7346a2a7804800e9a11d8e\n  http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_armel.deb\n    Size/MD5 checksum:   802766 535b466511548a5264b0da3a3a348381\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_armel.deb\n    Size/MD5 checksum:   226068 8921ab3294cf45178f3b90fd51fbafc3\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_armel.deb\n    Size/MD5 checksum:   213694 38498cbd15341da4279e4193a4708c6c\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_armel.deb\n    Size/MD5 checksum:   226354 57f22f55c3ca485b5974e1f2a4ef1414\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_armel.deb\n    Size/MD5 checksum:    83934 6a6a2de840f638874d8ae05611f142b9\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_armel.deb\n    Size/MD5 checksum:    82284 b225eb7806650013baccae619ad08f2b\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_armel.deb\n    Size/MD5 checksum:  2340926 83bb45aa97542f6f796780c8a2d24c8b\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_armel.deb\n    Size/MD5 checksum:   221894 872e3f1df2080a84cca36f48e6c8e575\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_armel.deb\n    Size/MD5 checksum:   151226 3172e8ba667991da2881ea6a7b2781cc\n\nhppa architecture (HP PA RISC)\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_hppa.deb\n    Size/MD5 checksum:    84022 f603a1c369bbc7d05efe1ad99325e020\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_hppa.deb\n    Size/MD5 checksum:   153048 0568fcb47c9cad398c7fd7abe2276828\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_hppa.deb\n    Size/MD5 checksum:    82214 f27d31e710ba6640471c47a6fc240aad\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_hppa.deb\n    Size/MD5 checksum:   246406 f18257777ba62d65ceb3aa4842415c74\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_hppa.deb\n    Size/MD5 checksum:   241578 e71e710d7889e79b85e4c20b539a4d26\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_hppa.deb\n    Size/MD5 checksum:   211730 a9913999aac5559db1e75835d87a2efd\n  http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_hppa.deb\n    Size/MD5 checksum:   896810 e8e2d9459750e5d9be76c00923a25696\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_hppa.deb\n    Size/MD5 checksum:   245816 6a876fb502903c7bfcb5a4b8dad71a7a\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_hppa.deb\n    Size/MD5 checksum:   213028 f072f0ca44edc122c1b3e1da847f1c8c\n  http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_hppa.deb\n    Size/MD5 checksum:   183316 41a32b0fd061c4f2afbd740af5e8325a\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_hppa.deb\n    Size/MD5 checksum:  2385020 366e6e9bd1dec0ba6a784813785f13d3\n\ni386 architecture (Intel ia32)\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_i386.deb\n    Size/MD5 checksum:    82366 ab10d1ab26c914777c5296fe9ccfe027\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_i386.deb\n    Size/MD5 checksum:   241326 2ee9101bf92fcac69249094b3ca11e2a\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_i386.deb\n    Size/MD5 checksum:   240776 43a654cf0439fc97997a57baec5e2995\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_i386.deb\n    Size/MD5 checksum:    84104 f73a1bff0a8a4426e63803c4e5c67c60\n  http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_i386.deb\n    Size/MD5 checksum:   783440 053ba7ef4fbb56547200c32c35ac8a0e\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_i386.deb\n    Size/MD5 checksum:   143414 c20c10a3eadac1c494a5750888875800\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_i386.deb\n    Size/MD5 checksum:   237396 06841f14531fab0adb92177af849c8be\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_i386.deb\n    Size/MD5 checksum:   211420 69c67bd0052c70322924b901ba5f5428\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_i386.deb\n    Size/MD5 checksum:  2324892 87c51cc1fb8ae2532adcfa601a7b5af4\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_i386.deb\n    Size/MD5 checksum:   212726 11b86a68880fa98a130e449dec0fbbcc\n  http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_i386.deb\n    Size/MD5 checksum:   179396 4ae5716372fe19991b0d8a4cc751d45f\n\nia64 architecture (Intel ia64)\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_ia64.deb\n    Size/MD5 checksum:   162732 0a9a153e3703f9dbd33e325d67373bce\n  http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_ia64.deb\n    Size/MD5 checksum:   247068 39445ee73d2076bfa589a5840a3d6024\n  http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_ia64.deb\n    Size/MD5 checksum:  1036624 80b366704dc888c2bea8d84c316faf33\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_ia64.deb\n    Size/MD5 checksum:   208668 c2b06d3c767fa737fbf5e1c3d50d001c\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_ia64.deb\n    Size/MD5 checksum:   311692 77ff8879c2853c4b33903299ec3120c8\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_ia64.deb\n    Size/MD5 checksum:   312616 1c20b667ebbd43b0ee1b01cd1cdd991d\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_ia64.deb\n    Size/MD5 checksum:    83920 a383c7aef1758f963c019793af7b5f92\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_ia64.deb\n    Size/MD5 checksum:  2317952 803f0b941814cbbc49f4e37bc3b9ca95\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_ia64.deb\n    Size/MD5 checksum:   209700 59ab45d2c7c2168a941ff2fc842268e1\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_ia64.deb\n    Size/MD5 checksum:   304670 067ece69f8b9518f9b18cd948c4df971\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_ia64.deb\n    Size/MD5 checksum:    85802 9294d252435e8026d6135bf8efdfaf46\n\nmips architecture (MIPS (Big Endian))\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mips.deb\n    Size/MD5 checksum:  2465158 a36366e07810785cd1f2dc3b020d3486\n  http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mips.deb\n    Size/MD5 checksum:   780460 a5daeb91029f3b027a810ee22456ebd3\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mips.deb\n    Size/MD5 checksum:   233408 ec9001ee4c996d0b14a9e67d9ce380ec\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mips.deb\n    Size/MD5 checksum:    82082 1fc55f0526e3bf90c2156364055a1627\n  http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mips.deb\n    Size/MD5 checksum:   171444 789208a77578e49ebca9be904c99aff3\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mips.deb\n    Size/MD5 checksum:    83688 8612d0c31dee19c557723b08354c20d7\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mips.deb\n    Size/MD5 checksum:   149712 ac8ddf3ab4a3b0fb255adbc588e57305\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mips.deb\n    Size/MD5 checksum:   209718 8af3815f7794f4e60d72ba52d3bd19c4\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mips.deb\n    Size/MD5 checksum:   229494 c2ef345862009f2a2b979205fec22567\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mips.deb\n    Size/MD5 checksum:   208698 246c0001aaa98be577f6c5f004330285\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mips.deb\n    Size/MD5 checksum:   233980 ce7b3760443a98b0ddc0607a7a9842bf\n\nmipsel architecture (MIPS (Little Endian))\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mipsel.deb\n    Size/MD5 checksum:   228110 e45b1c3294102e26eee671b860f4aabc\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mipsel.deb\n    Size/MD5 checksum:   208710 1403636fff03ab43353cdffdef62ffd7\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mipsel.deb\n    Size/MD5 checksum:    83708 9b1c257025920f6dd0a7a2b231c97141\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mipsel.deb\n    Size/MD5 checksum:   209740 546504d6f0a2a449e9bcd618f4700ce5\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mipsel.deb\n    Size/MD5 checksum:    82128 31209b35ecb423f2d88347df6c08eddb\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mipsel.deb\n    Size/MD5 checksum:  2420074 b57ff2a01ee7f29d0dcba4214dc7fc21\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mipsel.deb\n    Size/MD5 checksum:   232140 3dfff4c54077cb221e19533f19538834\n  http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mipsel.deb\n    Size/MD5 checksum:   778974 d9d0084ea48aaa56d2f99c632711d084\n  http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mipsel.deb\n    Size/MD5 checksum:   169470 f04a239ba4f1d6ae4ff8ce0960f784fd\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mipsel.deb\n    Size/MD5 checksum:   232796 8ced513dc28d7165fd76076803b98188\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mipsel.deb\n    Size/MD5 checksum:   150024 c2a66c2c63eeb66df98b136cceadc780\n\npowerpc architecture (PowerPC)\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_powerpc.deb\n    Size/MD5 checksum:    84570 b43f074242385089dda2aae2e9ae1595\n  http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_powerpc.deb\n    Size/MD5 checksum:   915976 723f3349b829894595b913099f06ecc2\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_powerpc.deb\n    Size/MD5 checksum:   257408 c4bab781417526a0dfdb2240ab2fef07\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_powerpc.deb\n    Size/MD5 checksum:  2495210 6fb817120bcb095006fd09d2318f28ee\n  http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_powerpc.deb\n    Size/MD5 checksum:   195192 6b4d950e48c6cdfd00d403e42b719b40\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_powerpc.deb\n    Size/MD5 checksum:   208684 ece82cc979cff6832d51a6caf51f38b5\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_powerpc.deb\n    Size/MD5 checksum:    82908 c54a24103b503b5de1b27993ee33610f\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_powerpc.deb\n    Size/MD5 checksum:   160960 361e2bae65d5f1303073d8e4d88ccdb7\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_powerpc.deb\n    Size/MD5 checksum:   209714 81fbc6671b2d4137dc52232e9d572ea9\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_powerpc.deb\n    Size/MD5 checksum:   258234 6dbd57dc907e93b5e9dcd3058e99b30f\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_powerpc.deb\n    Size/MD5 checksum:   253294 696e2e9219d6e029c0c6f024045a4d5f\n\ns390 architecture (IBM S/390)\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_s390.deb\n    Size/MD5 checksum:    82544 4e332ccedffd13b1e7b866fe71cf8a9b\n  http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_s390.deb\n    Size/MD5 checksum:   197642 e32a924a47b90452356956e3fe39d34e\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_s390.deb\n    Size/MD5 checksum:   255970 197eea5c422ecf37ec592bf9612c3b2f\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_s390.deb\n    Size/MD5 checksum:   208694 33dddaec24eb4475411eb55abb5d5e71\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_s390.deb\n    Size/MD5 checksum:   150912 2aa00b2fb3b84a536030f5b5635115bc\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_s390.deb\n    Size/MD5 checksum:   209726 cf54089c8a33087820f8c9359e461625\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_s390.deb\n    Size/MD5 checksum:  2409108 1b6e40f5d2772a0a1f26424f4b470136\n  http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_s390.deb\n    Size/MD5 checksum:   824586 ff52926d953f8b5cbde82ac31176dedb\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_s390.deb\n    Size/MD5 checksum:   259924 655aca8f56383ebd106ded50d8f557ea\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_s390.deb\n    Size/MD5 checksum:   260610 12751082d3f1466735d1b3d395d63690\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_s390.deb\n    Size/MD5 checksum:    84310 9aa451ccb1513c05f4ccc0319124181e\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_sparc.deb\n    Size/MD5 checksum:  2231018 fcdbb08c45ff474592590fac0aa78dac\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_sparc.deb\n    Size/MD5 checksum:    84568 6dcf4195e216a22ef2919806d55d5098\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_sparc.deb\n    Size/MD5 checksum:   237224 9bf96cc5f932643b1c55c6a9fa238af1\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_sparc.deb\n    Size/MD5 checksum:   241474 ed8557af547d9d55a075fca5cf88488d\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_sparc.deb\n    Size/MD5 checksum:    82888 bde0baf83e2e972b398be6a500f77125\n  http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_sparc.deb\n    Size/MD5 checksum:   177562 09cbb49296407c83ef1575b003dfb129\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_sparc.deb\n    Size/MD5 checksum:   241014 2c10b920cdfec918af3eb148e29fca0f\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_sparc.deb\n    Size/MD5 checksum:   212798 28edff7612bb824fc20d88c29b8b7e1f\n  http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_sparc.deb\n    Size/MD5 checksum:   781748 63e7003956d73b1a04e544c00eaa7728\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_sparc.deb\n    Size/MD5 checksum:   213976 b7e758d0a2e6574944d27e2d6e40f60c\n  http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_sparc.deb\n    Size/MD5 checksum:   146596 c37cea33bed94a68326b511a66bf050e\n\n\n  These files will probably be moved into the stable distribution on\n  its next update. \nPatch kit installation instructions are provided in the file SSRT090244 Apache CVE-2009-3094, CVE-2009-3095.txt . \nThe patch kits and installation instructions are available from the following location using ftp:\n\n    Host            Account   Password\n    ftp.usa.hp.com  ewt01     Welcome1\n\nCSWS version 2.1-1 patch kits are available for both ALPHA and ITANIUM platforms. \n\nItanium Images\n    mod_proxy.exe_ia64\n    mod_proxy_ftp.exe_ia64\n\nAlpha Images\n    mod_proxy.exe_axp\n    mod_proxy_ftp.exe_axp\n\nThe patch images will be provided in the next regularly scheduled update of CSWS 2.1-1. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c02160663\nVersion: 1\n\nHPSBUX02531 SSRT100108 rev.1 - HP-UX Running Apache-based Web Server, Remote Denial of Service (DoS), Unauthorized Access\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2010-06-02\nLast Updated: 2010-06-02\n\n- -----------------------------------------------------------------------------\n\nPotential Security Impact: Remote Denial of Service (DoS), unauthorized access\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP-UX running Apache-based Web Server. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS) or unauthorized access. Apache-based Web Server is contained in the Apache Web Server Suite. \n\nReferences: CVE-2009-3094, CVE-2009-3095, CVE-2010-0408, CVE-2010-0740, CVE-2010-0433, CVE-2010-0434\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.23, B.11.31 running Apache-based Web Server versions before v2.2.8.09\nHP-UX B.11.11, B.11.23, B.11.31 running Apache-based Web Server versions before v2.0.59.15\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n  Reference              Base Vector             Base Score\nCVE-2009-3094    (AV:N/AC:H/Au:N/C:N/I:N/A:C)       5.4\nCVE-2009-3095    (AV:N/AC:L/Au:N/C:P/I:P/A:P)       7.5\nCVE-2010-0408    (AV:N/AC:L/Au:N/C:N/I:N/A:P)       5.0\nCVE-2010-0740    (AV:N/AC:L/Au:N/C:N/I:N/A:P)       5.0\nCVE-2010-0433    (AV:N/AC:M/Au:N/C:N/I:N/A:P)       4.3\nCVE-2010-0434    (AV:N/AC:M/Au:N/C:P/I:N/A:N)       4.3\n===========================================================\n             Information on CVSS is documented\n            in HP Customer Notice: HPSN-2008-002\n\nNote: CVE-2009-3094, CVE-2009-3095 and 2010-0740 affect only HP-UX Web Server Suite v2.30;\nCVE-2010-0408, CVE-2010-0433 and CVE-2010-0434 affect only HP-UX Web Server Suite v3.09. \n\nRESOLUTION\n\nHP has provided the following upgrades to resolve these vulnerabilities. \nThe upgrades are available from the following location:\n\nURL http://software.hp.com\n\nNote: HP-UX Web Server Suite v3.09 contains HP-UX Apache-based Web Server v2.2.8.09\nNote: HP-UX Web Server Suite v2.30 contains HP-UX Apache-based Web Server v2.0.59.15\n\nWeb Server Suite Version / HP-UX Release / Depot name\n\nWeb Server v3.09 / B.11.23 and B.11.31 PA-32 / HPUXWS22ATW-B309-32.depot\n\nWeb Server v3.09 / B.11.23 and B.11.31 IA-64 / HPUXWS22ATW-B309-64.depot\n\nWeb Server v2.30 / B.11.11 PA-32 / HPUXWSATW-B230-1111.depot\n\nWeb Server v2.30 / B.11.23 PA-32 / HPUXWSATW-B230-32.depot\n\nWeb Server v2.30 / B.11.23 IA-64 / HPUXWSATW-B230-64.depot\n\nWeb Server v2.30 / B.11.31 IA-32 / HPUXWSATW-B230-32-1131.depot\n\nWeb Server v2.30 / B.11.31 IA-64 / HPUXWSATW-B230-64-1131.depot\n\nMANUAL ACTIONS: Yes - Update\n\nInstall Apache-based Web Server from the Apache Web Server Suite v2.30 or subsequent\nor\nInstall Apache-based Web Server from the Apache Web Server Suite v3.09 or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nFor Web Server Suite before v3.09\nHP-UX B.11.23\n==================\nhpuxws22APACHE.APACHE\nhpuxws22APACHE.APACHE2\nhpuxws22APACHE.AUTH_LDAP\nhpuxws22APACHE.AUTH_LDAP2\nhpuxws22APACHE.MOD_JK\nhpuxws22APACHE.MOD_JK2\nhpuxws22APACHE.MOD_PERL\nhpuxws22APACHE.MOD_PERL2\nhpuxws22APACHE.PHP\nhpuxws22APACHE.PHP2\naction: install revision B.2.2.8.09 or subsequent\n\nHP-UX B.11.31\n==================\nhpuxws22APCH32.APACHE\nhpuxws22APCH32.APACHE2\nhpuxws22APCH32.AUTH_LDAP\nhpuxws22APCH32.AUTH_LDAP2\nhpuxws22APCH32.MOD_JK\nhpuxws22APCH32.MOD_JK2\nhpuxws22APCH32.MOD_PERL\nhpuxws22APCH32.MOD_PERL2\nhpuxws22APCH32.PHP\nhpuxws22APCH32.PHP2\nhpuxws22APCH32.WEBPROXY\nhpuxws22APCH32.WEBPROXY2\naction: install revision B.2.2.8.09 or subsequent\n\nFor Web Server Suite before v2.30\nHP-UX B.11.11\n==================\nhpuxwsAPACHE.APACHE\nhpuxwsAPACHE.APACHE2\nhpuxwsAPACHE.AUTH_LDAP\nhpuxwsAPACHE.AUTH_LDAP2\nhpuxwsAPACHE.MOD_JK\nhpuxwsAPACHE.MOD_JK2\nhpuxwsAPACHE.MOD_PERL\nhpuxwsAPACHE.MOD_PERL2\nhpuxwsAPACHE.PHP\nhpuxwsAPACHE.PHP2\nhpuxwsAPACHE.WEBPROXY\naction: install revision B.2.0.59.15 or subsequent\n\nHP-UX B.11.23\n==================\nhpuxwsAPCH32.APACHE\nhpuxwsAPCH32.APACHE2\nhpuxwsAPCH32.AUTH_LDAP\nhpuxwsAPCH32.AUTH_LDAP2\nhpuxwsAPCH32.MOD_JK\nhpuxwsAPCH32.MOD_JK2\nhpuxwsAPCH32.MOD_PERL\nhpuxwsAPCH32.MOD_PERL2\nhpuxwsAPCH32.PHP\nhpuxwsAPCH32.PHP2\nhpuxwsAPCH32.WEBPROXY\naction: install revision B.2.0.59.15 or subsequent\n\nHP-UX B.11.31\n==================\nhpuxwsAPACHE.APACHE\nhpuxwsAPACHE.APACHE2\nhpuxwsAPACHE.AUTH_LDAP\nhpuxwsAPACHE.AUTH_LDAP2\nhpuxwsAPACHE.MOD_JK\nhpuxwsAPACHE.MOD_JK2\nhpuxwsAPACHE.MOD_PERL\nhpuxwsAPACHE.MOD_PERL2\nhpuxwsAPACHE.PHP\nhpuxwsAPACHE.PHP2\nhpuxwsAPACHE.WEBPROXY\naction: install revision B.2.0.59.15 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) 2 June 2010 Initial release\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n  To: security-alert@hp.com\n  Subject: get key\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n    -check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n    -verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\nrelates to is represented by the 5th and 6th characters\nof the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\nCopyright 2009 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (GNU/Linux)\n\niEYEARECAAYFAkwG2+IACgkQ4B86/C0qfVm3LACfZ2twc1MNibwpLscDC7giyJJv\nnksAnR0xfycsdI9Z5RyDC/o+Dnt4Q100\n=/Gfl\n-----END PGP SIGNATURE-----\n. \n\nBAC v8.07 supplies Apache 2.2.17.  For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2009-3094"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002187"
          },
          {
            "db": "BID",
            "id": "36260"
          },
          {
            "db": "VULMON",
            "id": "CVE-2009-3094"
          },
          {
            "db": "PACKETSTORM",
            "id": "82799"
          },
          {
            "db": "PACKETSTORM",
            "id": "83521"
          },
          {
            "db": "PACKETSTORM",
            "id": "82647"
          },
          {
            "db": "PACKETSTORM",
            "id": "81540"
          },
          {
            "db": "PACKETSTORM",
            "id": "87839"
          },
          {
            "db": "PACKETSTORM",
            "id": "90263"
          },
          {
            "db": "PACKETSTORM",
            "id": "111587"
          }
        ],
        "trust": 2.61
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2009-3094",
            "trust": 3.5
          },
          {
            "db": "SECUNIA",
            "id": "36549",
            "trust": 2.5
          },
          {
            "db": "SECUNIA",
            "id": "37152",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2010-0609",
            "trust": 1.7
          },
          {
            "db": "BID",
            "id": "36260",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2009-2550",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002187",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200909-107",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2009-3094",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "82799",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "83521",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "82647",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "81540",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "87839",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "90263",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "111587",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2009-3094"
          },
          {
            "db": "BID",
            "id": "36260"
          },
          {
            "db": "PACKETSTORM",
            "id": "82799"
          },
          {
            "db": "PACKETSTORM",
            "id": "83521"
          },
          {
            "db": "PACKETSTORM",
            "id": "82647"
          },
          {
            "db": "PACKETSTORM",
            "id": "81540"
          },
          {
            "db": "PACKETSTORM",
            "id": "87839"
          },
          {
            "db": "PACKETSTORM",
            "id": "90263"
          },
          {
            "db": "PACKETSTORM",
            "id": "111587"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200909-107"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002187"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3094"
          }
        ]
      },
      "id": "VAR-200909-0801",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.17203079500000001
      },
      "last_update_date": "2026-04-10T23:16:40.099000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "Fixed in Apache httpd 2.0.64",
            "trust": 0.8,
            "url": "http://httpd.apache.org/security/vulnerabilities_20.html#2.0.64"
          },
          {
            "title": "Fixed in Apache httpd 2.2.14",
            "trust": 0.8,
            "url": "http://httpd.apache.org/security/vulnerabilities_22.html"
          },
          {
            "title": "httpd-2.2.3-31.2.1AXS3",
            "trust": 0.8,
            "url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=774"
          },
          {
            "title": "HPUXWSATW313",
            "trust": 0.8,
            "url": "https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=HPUXWSATW313"
          },
          {
            "title": "HPSBUX02531",
            "trust": 0.8,
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c02160663"
          },
          {
            "title": "PM10658",
            "trust": 0.8,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM10658"
          },
          {
            "title": "7014463",
            "trust": 0.8,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27014463#7009"
          },
          {
            "title": "7007033",
            "trust": 0.8,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27007033#60239"
          },
          {
            "title": "7006876",
            "trust": 0.8,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27006876#60239"
          },
          {
            "title": "7007951",
            "trust": 0.8,
            "url": "http://www-01.ibm.com/support/docview.wss?rs=180\u0026uid=swg27007951#61029"
          },
          {
            "title": "PK96858",
            "trust": 0.8,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PK96858\u0026loc=en_US"
          },
          {
            "title": "7008517",
            "trust": 0.8,
            "url": "http://www-01.ibm.com/support/docview.wss?rs=177\u0026uid=swg27008517#61029"
          },
          {
            "title": "1819",
            "trust": 0.8,
            "url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1819"
          },
          {
            "title": "1820",
            "trust": 0.8,
            "url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=1820"
          },
          {
            "title": "RHSA-2009:1579",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1579.html"
          },
          {
            "title": "RHSA-2009:1580",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2009-1580.html"
          },
          {
            "title": "multiple_vulnerabilities_in_the_apache",
            "trust": 0.8,
            "url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_the_apache"
          },
          {
            "title": "TLSA-2009-30",
            "trust": 0.8,
            "url": "http://www.turbolinux.co.jp/security/2009/TLSA-2009-30j.txt"
          },
          {
            "title": "RHSA-2009:1579",
            "trust": 0.8,
            "url": "https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-1579J.html"
          },
          {
            "title": "RHSA-2009:1580",
            "trust": 0.8,
            "url": "https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-1580J.html"
          },
          {
            "title": "interstage_as_201007",
            "trust": 0.8,
            "url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_201007.html"
          },
          {
            "title": "Red Hat: Moderate: httpd and httpd22 security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20100011 - Security Advisory"
          },
          {
            "title": "Debian CVElist Bug Report Logs: CVE-2009-3094, CVE-2009-3095: mod_proxy_ftp DoS",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=a36c9e7334a243cf3d9e15331467e21c"
          },
          {
            "title": "Ubuntu Security Notice: apache2 vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-860-1"
          },
          {
            "title": "Debian Security Advisories: DSA-1934-1 apache2 -- multiple issues",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=a5a134c3483f034e2df5ced5ad7428ec"
          },
          {
            "title": "Symantec Security Advisories: SA61 : Director multiple Apache vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=508649a9a651b4fb32a5cc0f1310d652"
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/Live-Hack-CVE/CVE-2009-3094 "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2009-3094"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002187"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-476",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-119",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002187"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3094"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.5,
            "url": "http://secunia.com/advisories/36549"
          },
          {
            "trust": 2.0,
            "url": "http://www.intevydis.com/blog/?p=59"
          },
          {
            "trust": 2.0,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1pk96858"
          },
          {
            "trust": 2.0,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1pm09161"
          },
          {
            "trust": 1.7,
            "url": "http://intevydis.com/vd-list.shtml"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/37152"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00006.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.debian.org/security/2009/dsa-1934"
          },
          {
            "trust": 1.7,
            "url": "http://wiki.rpath.com/advisories:rpsa-2009-0155"
          },
          {
            "trust": 1.7,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00944.html"
          },
          {
            "trust": 1.7,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=521619"
          },
          {
            "trust": 1.7,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00645.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.vupen.com/english/advisories/2010/0609"
          },
          {
            "trust": 1.7,
            "url": "http://marc.info/?l=bugtraq\u0026m=126998684522511\u0026w=2"
          },
          {
            "trust": 1.7,
            "url": "http://marc.info/?l=bugtraq\u0026m=133355494609819\u0026w=2"
          },
          {
            "trust": 1.7,
            "url": "http://marc.info/?l=bugtraq\u0026m=127557640302499\u0026w=2"
          },
          {
            "trust": 1.7,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a8087"
          },
          {
            "trust": 1.7,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10981"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/archive/1/508075/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3094"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3094"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/36260"
          },
          {
            "trust": 0.8,
            "url": "http://www.vupen.com/english/advisories/2009/2550"
          },
          {
            "trust": 0.7,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3095"
          },
          {
            "trust": 0.7,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3094"
          },
          {
            "trust": 0.6,
            "url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_the_apache"
          },
          {
            "trust": 0.6,
            "url": "httpd.apache.org%3e"
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs."
          },
          {
            "trust": 0.6,
            "url": "https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d@%3ccvs."
          },
          {
            "trust": 0.3,
            "url": "http://httpd.apache.org/"
          },
          {
            "trust": 0.3,
            "url": "http://httpd.apache.org/docs/2.0/mod/mod_proxy_ftp.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.apache.org/dist/httpd/changes_2.2.14"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1pk96157"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1pm10658"
          },
          {
            "trust": 0.3,
            "url": "http://intevydis.com/company.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/css/p8/documents/100074555"
          },
          {
            "trust": 0.3,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03236227"
          },
          {
            "trust": 0.3,
            "url": "http://www11.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02002308"
          },
          {
            "trust": 0.3,
            "url": "https://kb.bluecoat.com/index?page=content\u0026id=sa61\u0026actp=list"
          },
          {
            "trust": 0.3,
            "url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-201007e.html"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3555"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3095"
          },
          {
            "trust": 0.2,
            "url": "http://www.mandriva.com/security/"
          },
          {
            "trust": 0.2,
            "url": "http://www.mandriva.com/security/advisories"
          },
          {
            "trust": 0.2,
            "url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
          },
          {
            "trust": 0.2,
            "url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
          },
          {
            "trust": 0.2,
            "url": "http://h30046.www3.hp.com/subsignin.php"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/476.html"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/reb7c64aeea604bf948467d9d1cab8ff23fa7d002be1964bcc275aae7@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r2295080a257bad27ea68ca0af12fc715577f9e84801eae116a33107e@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs.httpd.apache.org%3e"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/live-hack-cve/cve-2009-3094"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2010:0011"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/860-1/"
          },
          {
            "trust": 0.1,
            "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=18978"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.12-1ubuntu2.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.12-1ubuntu2.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.55-4ubuntu2.9_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.12-1ubuntu2.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.11-2ubuntu2.5_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.0.55-4ubuntu2.9_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.8-1ubuntu0.14_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.8-1ubuntu0.14_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.11-2ubuntu2.5.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.55-4ubuntu2.9_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.8-1ubuntu0.14_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.8-1ubuntu0.14_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.55-4ubuntu2.9_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-src_2.2.9-7ubuntu3.5_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.9-7ubuntu3.5_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.55-4ubuntu2.9_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.9-7ubuntu3.5.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.55-4ubuntu2.9_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.8-1ubuntu0.14_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.8-1ubuntu0.14_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.55-4ubuntu2.9_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.2.12-1ubuntu2.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.55-4ubuntu2.9_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec_2.2.9-7ubuntu3.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.12-1ubuntu2.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.11-2ubuntu2.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.55-4ubuntu2.9_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.12-1ubuntu2.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.11-2ubuntu2.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.55-4ubuntu2.9_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.11-2ubuntu2.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.12-1ubuntu2.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.9-7ubuntu3.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-worker_2.2.11-2ubuntu2.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.2.9-7ubuntu3.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1ubuntu0.14_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-utils_2.2.12-1ubuntu2.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.9-7ubuntu3.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-mpm-itk_2.2.12-1ubuntu2.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.2.9-7ubuntu3.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-suexec-custom_2.2.9-7ubuntu3.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.12-1ubuntu2.1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec-custom_2.2.12-1ubuntu2.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.2.8-1ubuntu0.14_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.9-7ubuntu3.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-common_2.2.11-2ubuntu2.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/a/apache2/apache2-suexec_2.2.12-1ubuntu2.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.55-4ubuntu2.9_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-mpm-event_2.2.8-1ubuntu0.14_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-threaded-dev_2.2.8-1ubuntu0.14_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.9-7ubuntu3.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-utils_2.2.9-7ubuntu3.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec-custom_2.2.11-2ubuntu2.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-suexec_2.2.11-2ubuntu2.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.2.11-2ubuntu2.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2.2-bin_2.2.12-1ubuntu2.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/a/apache2/apache2-prefork-dev_2.2.11-2ubuntu2.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/a/apache2/apache2-src_2.2.11-2ubuntu2.5_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.2.8-1ubuntu0.14_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1195"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=apache-httpd-announce\u0026m=125755783724966\u0026w=2"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1890"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-2939"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1890"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1678"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2939"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1195"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3555"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1891"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1191"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1191"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1678"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1891"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.3-4+etch11_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.2.3-4+etch11_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.9-10+lenny6_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.3-4+etch11_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4+b1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch11_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec_2.2.9-10+lenny6_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-suexec-custom_2.2.9-10+lenny6_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch11_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch11_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch11_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.9-10+lenny6_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-dbg_2.2.9-10+lenny6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.9-10+lenny6_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.9-10+lenny6.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.9-10+lenny6_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://packages.debian.org/\u003cpkg\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.9-10+lenny6_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.9-10+lenny6_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.9-10+lenny6_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch11_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.9-10+lenny6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch11_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.6-02-1+lenny2+b2_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch11_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch11_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.9-10+lenny6_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0740"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0434"
          },
          {
            "trust": 0.1,
            "url": "http://software.hp.com"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0408"
          },
          {
            "trust": 0.1,
            "url": "https://www.hp.com/go/swa"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0433"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2699"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1452"
          },
          {
            "trust": 0.1,
            "url": "http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
          },
          {
            "trust": 0.1,
            "url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
          },
          {
            "trust": 0.1,
            "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c02964430"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2009-3094"
          },
          {
            "db": "BID",
            "id": "36260"
          },
          {
            "db": "PACKETSTORM",
            "id": "82799"
          },
          {
            "db": "PACKETSTORM",
            "id": "83521"
          },
          {
            "db": "PACKETSTORM",
            "id": "82647"
          },
          {
            "db": "PACKETSTORM",
            "id": "81540"
          },
          {
            "db": "PACKETSTORM",
            "id": "87839"
          },
          {
            "db": "PACKETSTORM",
            "id": "90263"
          },
          {
            "db": "PACKETSTORM",
            "id": "111587"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200909-107"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002187"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3094"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2009-3094",
            "ident": null
          },
          {
            "db": "BID",
            "id": "36260",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "82799",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "83521",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "82647",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "81540",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "87839",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "90263",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "111587",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200909-107",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002187",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2009-3094",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2009-09-08T00:00:00",
            "db": "VULMON",
            "id": "CVE-2009-3094",
            "ident": null
          },
          {
            "date": "2009-09-03T00:00:00",
            "db": "BID",
            "id": "36260",
            "ident": null
          },
          {
            "date": "2009-11-19T18:46:00",
            "db": "PACKETSTORM",
            "id": "82799",
            "ident": null
          },
          {
            "date": "2009-12-07T21:57:59",
            "db": "PACKETSTORM",
            "id": "83521",
            "ident": null
          },
          {
            "date": "2009-11-16T23:36:55",
            "db": "PACKETSTORM",
            "id": "82647",
            "ident": null
          },
          {
            "date": "2009-09-22T21:58:35",
            "db": "PACKETSTORM",
            "id": "81540",
            "ident": null
          },
          {
            "date": "2010-03-31T15:49:00",
            "db": "PACKETSTORM",
            "id": "87839",
            "ident": null
          },
          {
            "date": "2010-06-04T04:25:14",
            "db": "PACKETSTORM",
            "id": "90263",
            "ident": null
          },
          {
            "date": "2012-04-05T00:55:15",
            "db": "PACKETSTORM",
            "id": "111587",
            "ident": null
          },
          {
            "date": "2009-09-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200909-107",
            "ident": null
          },
          {
            "date": "2009-11-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2009-002187",
            "ident": null
          },
          {
            "date": "2009-09-08T18:30:00.657000",
            "db": "NVD",
            "id": "CVE-2009-3094",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2022-09-19T00:00:00",
            "db": "VULMON",
            "id": "CVE-2009-3094",
            "ident": null
          },
          {
            "date": "2015-04-13T21:44:00",
            "db": "BID",
            "id": "36260",
            "ident": null
          },
          {
            "date": "2022-09-20T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200909-107",
            "ident": null
          },
          {
            "date": "2010-12-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2009-002187",
            "ident": null
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2009-3094",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "81540"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200909-107"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "_id": null,
        "data": "Apache HTTP Server of  ap_proxy_ftp_handler Service disruption in functions  (DoS) Vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002187"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "code problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200909-107"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201411-0410

    Vulnerability from variot - Updated: 2026-04-10 23:15

    cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1. cURL/libcURL is prone to a remote security-bypass vulnerability. An attacker can leverage this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. cURL/libcURL 7.1 through 7.37.1 are vulnerable. Both Haxx curl and libcurl are products of the Swedish company Haxx. libcurl is a free, open source client-side URL transfer library. ============================================================================ Ubuntu Security Notice USN-2346-1 September 15, 2014

    curl vulnerabilities

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 14.04 LTS
    • Ubuntu 12.04 LTS
    • Ubuntu 10.04 LTS

    Summary:

    Several security issues were fixed in curl. (CVE-2014-3620)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 14.04 LTS: libcurl3 7.35.0-1ubuntu2.1 libcurl3-gnutls 7.35.0-1ubuntu2.1 libcurl3-nss 7.35.0-1ubuntu2.1

    Ubuntu 12.04 LTS: libcurl3 7.22.0-3ubuntu4.10 libcurl3-gnutls 7.22.0-3ubuntu4.10 libcurl3-nss 7.22.0-3ubuntu4.10

    Ubuntu 10.04 LTS: libcurl3 7.19.7-1ubuntu1.9 libcurl3-gnutls 7.19.7-1ubuntu1.9

    In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

    APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006

    OS X Yosemite v10.10.5 and Security Update 2015-006 is now available and addresses the following:

    apache Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities existed in Apache 2.4.16, the most serious of which may allow a remote attacker to cause a denial of service. Description: Multiple vulnerabilities existed in Apache versions prior to 2.4.16. These were addressed by updating Apache to version 2.4.16. CVE-ID CVE-2014-3581 CVE-2014-3583 CVE-2014-8109 CVE-2015-0228 CVE-2015-0253 CVE-2015-3183 CVE-2015-3185

    apache_mod_php Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities existed in PHP 5.5.20, the most serious of which may lead to arbitrary code execution. Description: Multiple vulnerabilities existed in PHP versions prior to 5.5.20. These were addressed by updating Apache to version 5.5.27. CVE-ID CVE-2015-2783 CVE-2015-2787 CVE-2015-3307 CVE-2015-3329 CVE-2015-3330 CVE-2015-4021 CVE-2015-4022 CVE-2015-4024 CVE-2015-4025 CVE-2015-4026 CVE-2015-4147 CVE-2015-4148

    Apple ID OD Plug-in Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able change the password of a local user Description: In some circumstances, a state management issue existed in password authentication. The issue was addressed through improved state management. CVE-ID CVE-2015-3799 : an anonymous researcher working with HP's Zero Day Initiative

    AppleGraphicsControl Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to determine kernel memory layout Description: An issue existed in AppleGraphicsControl which could have led to the disclosure of kernel memory layout. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-5768 : JieTao Yang of KeenTeam

    Bluetooth Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in IOBluetoothHCIController. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3779 : Teddy Reed of Facebook Security

    Bluetooth Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to determine kernel memory layout Description: A memory management issue could have led to the disclosure of kernel memory layout. This issue was addressed with improved memory management. CVE-ID CVE-2015-3780 : Roberto Paleari and Aristide Fattori of Emaze Networks

    Bluetooth Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious app may be able to access notifications from other iCloud devices Description: An issue existed where a malicious app could access a Bluetooth-paired Mac or iOS device's Notification Center notifications via the Apple Notification Center Service. The issue affected devices using Handoff and logged into the same iCloud account. This issue was resolved by revoking access to the Apple Notification Center Service. CVE-ID CVE-2015-3786 : Xiaolong Bai (Tsinghua University), System Security Lab (Indiana University), Tongxin Li (Peking University), XiaoFeng Wang (Indiana University)

    Bluetooth Available for: OS X Yosemite v10.10 to v10.10.4 Impact: An attacker with privileged network position may be able to perform denial of service attack using malformed Bluetooth packets Description: An input validation issue existed in parsing of Bluetooth ACL packets. This issue was addressed through improved input validation. CVE-ID CVE-2015-3787 : Trend Micro

    Bluetooth Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: Multiple buffer overflow issues existed in blued's handling of XPC messages. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-3777 : mitp0sh of [PDX]

    bootp Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious Wi-Fi network may be able to determine networks a device has previously accessed Description: Upon connecting to a Wi-Fi network, iOS may have broadcast MAC addresses of previously accessed networks via the DNAv4 protocol. This issue was addressed through disabling DNAv4 on unencrypted Wi-Fi networks. CVE-ID CVE-2015-3778 : Piers O'Hanlon of Oxford Internet Institute, University of Oxford (on the EPSRC Being There project)

    CloudKit Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to access the iCloud user record of a previously signed in user Description: A state inconsistency existed in CloudKit when signing out users. This issue was addressed through improved state handling. CVE-ID CVE-2015-3782 : Deepkanwal Plaha of University of Toronto

    CoreMedia Playback Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: Memory corruption issues existed in CoreMedia Playback. These were addressed through improved memory handling. CVE-ID CVE-2015-5777 : Apple CVE-2015-5778 : Apple

    CoreText Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-5761 : John Villamil (@day6reak), Yahoo Pentest Team

    CoreText Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-5755 : John Villamil (@day6reak), Yahoo Pentest Team

    curl Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities in cURL and libcurl prior to 7.38.0, one of which may allow remote attackers to bypass the Same Origin Policy. Description: Multiple vulnerabilities existed in cURL and libcurl prior to 7.38.0. These issues were addressed by updating cURL to version 7.43.0. CVE-ID CVE-2014-3613 CVE-2014-3620 CVE-2014-3707 CVE-2014-8150 CVE-2014-8151 CVE-2015-3143 CVE-2015-3144 CVE-2015-3145 CVE-2015-3148 CVE-2015-3153

    Data Detectors Engine Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Processing a sequence of unicode characters can lead to an unexpected application termination or arbitrary code execution Description: Memory corruption issues existed in processing of Unicode characters. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5750 : M1x7e1 of Safeye Team (www.safeye.org)

    Date & Time pref pane Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Applications that rely on system time may have unexpected behavior Description: An authorization issue existed when modifying the system date and time preferences. This issue was addressed with additional authorization checks. CVE-ID CVE-2015-3757 : Mark S C Smith

    Dictionary Application Available for: OS X Yosemite v10.10 to v10.10.4 Impact: An attacker with a privileged network position may be able to intercept users' Dictionary app queries Description: An issue existed in the Dictionary app, which did not properly secure user communications. This issue was addressed by moving Dictionary queries to HTTPS. CVE-ID CVE-2015-3774 : Jeffrey Paul of EEQJ, Jan Bee of the Google Security Team

    DiskImages Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted DMG file may lead to an unexpected application termination or arbitrary code execution with system privileges Description: A memory corruption issue existed in parsing of malformed DMG images. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3800 : Frank Graziano of the Yahoo Pentest Team

    dyld Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to execute arbitrary code with system privileges Description: A path validation issue existed in dyld. This was addressed through improved environment sanitization. CVE-ID CVE-2015-3760 : beist of grayhash, Stefan Esser

    FontParser Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-3804 : Apple CVE-2015-5775 : Apple

    FontParser Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-5756 : John Villamil (@day6reak), Yahoo Pentest Team

    groff Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Multiple issues in pdfroff Description: Multiple issues existed in pdfroff, the most serious of which may allow arbitrary filesystem modification. These issues were addressed by removing pdfroff. CVE-ID CVE-2009-5044 CVE-2009-5078

    ImageIO Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the processing of TIFF images. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-5758 : Apple

    ImageIO Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Visiting a maliciously crafted website may result in the disclosure of process memory Description: An uninitialized memory access issue existed in ImageIO's handling of PNG and TIFF images. Visiting a malicious website may result in sending data from process memory to the website. This issue is addressed through improved memory initialization and additional validation of PNG and TIFF images. CVE-ID CVE-2015-5781 : Michal Zalewski CVE-2015-5782 : Michal Zalewski

    Install Framework Legacy Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to execute arbitrary code with root privileges Description: An issue existed in how Install.framework's 'runner' binary dropped privileges. This issue was addressed through improved privilege management. CVE-ID CVE-2015-5784 : Ian Beer of Google Project Zero

    Install Framework Legacy Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A race condition existed in Install.framework's 'runner' binary that resulted in privileges being incorrectly dropped. This issue was addressed through improved object locking. CVE-ID CVE-2015-5754 : Ian Beer of Google Project Zero

    IOFireWireFamily Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to execute arbitrary code with system privileges Description: Memory corruption issues existed in IOFireWireFamily. These issues were addressed through additional type input validation. CVE-ID CVE-2015-3769 : Ilja van Sprundel CVE-2015-3771 : Ilja van Sprundel CVE-2015-3772 : Ilja van Sprundel

    IOGraphics Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in IOGraphics. This issue was addressed through additional type input validation. CVE-ID CVE-2015-3770 : Ilja van Sprundel CVE-2015-5783 : Ilja van Sprundel

    IOHIDFamily Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to execute arbitrary code with system privileges Description: A buffer overflow issue existed in IOHIDFamily. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5774 : TaiG Jailbreak Team

    Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to determine kernel memory layout Description: An issue existed in the mach_port_space_info interface, which could have led to the disclosure of kernel memory layout. This was addressed by disabling the mach_port_space_info interface. CVE-ID CVE-2015-3766 : Cererdlong of Alibaba Mobile Security Team, @PanguTeam

    Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An integer overflow existed in the handling of IOKit functions. This issue was addressed through improved validation of IOKit API arguments. CVE-ID CVE-2015-3768 : Ilja van Sprundel

    Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to cause a system denial of service Description: A resource exhaustion issue existed in the fasttrap driver. This was addressed through improved memory handling. CVE-ID CVE-2015-5747 : Maxime VILLARD of m00nbsd

    Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to cause a system denial of service Description: A validation issue existed in the mounting of HFS volumes. This was addressed by adding additional checks. CVE-ID CVE-2015-5748 : Maxime VILLARD of m00nbsd

    Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to execute unsigned code Description: An issue existed that allowed unsigned code to be appended to signed code in a specially crafted executable file. This issue was addressed through improved code signature validation. CVE-ID CVE-2015-3806 : TaiG Jailbreak Team

    Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A specially crafted executable file could allow unsigned, malicious code to execute Description: An issue existed in the way multi-architecture executable files were evaluated that could have allowed unsigned code to be executed. This issue was addressed through improved validation of executable files. CVE-ID CVE-2015-3803 : TaiG Jailbreak Team

    Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to execute unsigned code Description: A validation issue existed in the handling of Mach-O files. This was addressed by adding additional checks. CVE-ID CVE-2015-3802 : TaiG Jailbreak Team CVE-2015-3805 : TaiG Jailbreak Team

    Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted plist may lead to an unexpected application termination or arbitrary code execution with system privileges Description: A memory corruption existed in processing of malformed plists. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3776 : Teddy Reed of Facebook Security, Patrick Stein (@jollyjinx) of Jinx Germany

    Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to execute arbitrary code with system privileges Description: A path validation issue existed. This was addressed through improved environment sanitization. CVE-ID CVE-2015-3761 : Apple

    Libc Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted regular expression may lead to an unexpected application termination or arbitrary code execution Description: Memory corruption issues existed in the TRE library. These were addressed through improved memory handling. CVE-ID CVE-2015-3796 : Ian Beer of Google Project Zero CVE-2015-3797 : Ian Beer of Google Project Zero CVE-2015-3798 : Ian Beer of Google Project Zero

    Libinfo Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: Memory corruption issues existed in handling AF_INET6 sockets. These were addressed by improved memory handling. CVE-ID CVE-2015-5776 : Apple

    libpthread Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in handling syscalls. This issue was addressed through improved lock state checking. CVE-ID CVE-2015-5757 : Lufeng Li of Qihoo 360

    libxml2 Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities existed in libxml2 versions prior to 2.9.2, the most serious of which may allow a remote attacker to cause a denial of service Description: Multiple vulnerabilities existed in libxml2 versions prior to 2.9.2. These were addressed by updating libxml2 to version 2.9.2. CVE-ID CVE-2012-6685 : Felix Groebert of Google CVE-2014-0191 : Felix Groebert of Google

    libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: A memory access issue existed in libxml2. This was addressed by improved memory handling CVE-ID CVE-2014-3660 : Felix Groebert of Google

    libxml2 Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: A memory corruption issue existed in parsing of XML files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3807 : Apple

    libxpc Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in handling of malformed XPC messages. This issue was improved through improved bounds checking. CVE-ID CVE-2015-3795 : Mathew Rowley

    mail_cmds Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to execute arbitrary shell commands Description: A validation issue existed in the mailx parsing of email addresses. This was addressed by improved sanitization. CVE-ID CVE-2014-7844

    Notification Center OSX Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to access all notifications previously displayed to users Description: An issue existed in Notification Center, which did not properly delete user notifications. This issue was addressed by correctly deleting notifications dismissed by users. CVE-ID CVE-2015-3764 : Jonathan Zdziarski

    ntfs Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in NTFS. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5763 : Roberto Paleari and Aristide Fattori of Emaze Networks

    OpenSSH Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Remote attackers may be able to circumvent a time delay for failed login attempts and conduct brute-force attacks Description: An issue existed when processing keyboard-interactive devices. This issue was addressed through improved authentication request validation. CVE-ID CVE-2015-5600

    OpenSSL Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg, the most serious of which may allow a remote attacker to cause a denial of service. Description: Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg. These were addressed by updating OpenSSL to version 0.9.8zg. CVE-ID CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792

    perl Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted regular expression may lead to disclosure of unexpected application termination or arbitrary code execution Description: An integer underflow issue existed in the way Perl parsed regular expressions. This issue was addressed through improved memory handling. CVE-ID CVE-2013-7422

    PostgreSQL Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: An attacker may be able to cause unexpected application termination or gain access to data without proper authentication Description: Multiple issues existed in PostgreSQL 9.2.4. These issues were addressed by updating PostgreSQL to 9.2.13. CVE-ID CVE-2014-0067 CVE-2014-8161 CVE-2015-0241 CVE-2015-0242 CVE-2015-0243 CVE-2015-0244

    python Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities existed in Python 2.7.6, the most serious of which may lead to arbitrary code execution Description: Multiple vulnerabilities existed in Python versions prior to 2.7.6. These were addressed by updating Python to version 2.7.10. CVE-ID CVE-2013-7040 CVE-2013-7338 CVE-2014-1912 CVE-2014-7185 CVE-2014-9365

    QL Office Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted Office document may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in parsing of Office documents. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5773 : Apple

    QL Office Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted XML file may lead to disclosure of user information Description: An external entity reference issue existed in XML file parsing. This issue was addressed through improved parsing. CVE-ID CVE-2015-3784 : Bruno Morisson of INTEGRITY S.A.

    Quartz Composer Framework Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted QuickTime file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in parsing of QuickTime files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5771 : Apple

    Quick Look Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Searching for a previously viewed website may launch the web browser and render that website Description: An issue existed where QuickLook had the capability to execute JavaScript. The issue was addressed by disallowing execution of JavaScript. CVE-ID CVE-2015-3781 : Andrew Pouliot of Facebook, Anto Loyola of Qubole

    QuickTime 7 Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling. CVE-ID CVE-2015-3772 CVE-2015-3779 CVE-2015-5753 : Apple CVE-2015-5779 : Apple

    QuickTime 7 Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling. CVE-ID CVE-2015-3765 : Joe Burnett of Audio Poison CVE-2015-3788 : Ryan Pentney and Richard Johnson of Cisco Talos CVE-2015-3789 : Ryan Pentney and Richard Johnson of Cisco Talos CVE-2015-3790 : Ryan Pentney and Richard Johnson of Cisco Talos CVE-2015-3791 : Ryan Pentney and Richard Johnson of Cisco Talos CVE-2015-3792 : Ryan Pentney and Richard Johnson of Cisco Talos CVE-2015-5751 : WalkerFuz

    SceneKit Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Viewing a maliciously crafted Collada file may lead to arbitrary code execution Description: A heap buffer overflow existed in SceneKit's handling of Collada files. This issue was addressed through improved input validation. CVE-ID CVE-2015-5772 : Apple

    SceneKit Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in SceneKit. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3783 : Haris Andrianakis of Google Security Team

    Security Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A standard user may be able to gain access to admin privileges without proper authentication Description: An issue existed in handling of user authentication. This issue was addressed through improved authentication checks. CVE-ID CVE-2015-3775 : [Eldon Ahrold]

    SMBClient Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the SMB client. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3773 : Ilja van Sprundel

    Speech UI Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted unicode string with speech alerts enabled may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in handling of Unicode strings. This issue was addressed by improved memory handling. CVE-ID CVE-2015-3794 : Adam Greenbaum of Refinitive

    sudo Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities existed in sudo versions prior to 1.7.10p9, the most serious of which may allow an attacker access to arbitrary files Description: Multiple vulnerabilities existed in sudo versions prior to 1.7.10p9. These were addressed by updating sudo to version 1.7.10p9. CVE-ID CVE-2013-1775 CVE-2013-1776 CVE-2013-2776 CVE-2013-2777 CVE-2014-0106 CVE-2014-9680

    tcpdump Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities existed in tcpdump 4.7.3, the most serious of which may allow a remote attacker to cause a denial of service. Description: Multiple vulnerabilities existed in tcpdump versions prior to 4.7.3. These were addressed by updating tcpdump to version 4.7.3. CVE-ID CVE-2014-8767 CVE-2014-8769 CVE-2014-9140

    Text Formats Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted text file may lead to disclosure of user information Description: An XML external entity reference issue existed with TextEdit parsing. This issue was addressed through improved parsing. CVE-ID CVE-2015-3762 : Xiaoyong Wu of the Evernote Security Team

    udf Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted DMG file may lead to an unexpected application termination or arbitrary code execution with system privileges Description: A memory corruption issue existed in parsing of malformed DMG images. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3767 : beist of grayhash

    OS X Yosemite v10.10.5 includes the security content of Safari 8.0.8: https://support.apple.com/en-us/HT205033

    OS X Yosemite 10.10.5 and Security Update 2015-006 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/

    Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222

    This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

    -----BEGIN PGP SIGNATURE-----

    iQIcBAEBCAAGBQJVzM3+AAoJEBcWfLTuOo7tx/YP/RTsUUx0UTk7rXj6AEcHmiR4 Y2xTUOXqRmxhieSbsGK9laKL5++lIzkGh5RC7oYag0+OgWtZz+EU/EtdoEJmGNJ6 +PgoEnizYdKhO1kos1KCHOwG6UFCqoeEm6Icm33nVUqWp7uAmhVRMRxtMJEScLSR 2LpsK0grIhFXtJGqu053TSKSCa1UTab8XWteZTT84uFGMSKbAFONj5CPIrR6+uev QpVTwrnskPDBOXJwGhjypvIBTbt2aa1wjCukOAWFHwf7Pma/QUdhKRkUK4vAb9/k fu2t2fBOvSMguJHRO+340NsQR9LvmdruBeAyNUH64srF1jtbAg0QnvZsPyO5aIyR A8WrzHl3oIc0II0y7VpI+3o0J3Nn03EcBPtIKeoeyznnjNziDm72HPI2d2+5ZSRz xjAd4Nmw+dgGq+UMkusIXgtRK4HcEpwzfImf3zqnKHakSncnFPhGKyNEgn8bK9a7 AeAvSqMXXsJg8weHUF2NLnAn/42k2wIE8d5BOLaIy13xz6MJn7VUI21pK0zCaGBF sfkRFZP0eEVh8ZzU/nWp9E5KDpbsd72biJwvjWH4OrmkfzUWxStQiVwPTxtZD9LW c5ZWe+vqZJV9eYRH2hAOMPaYkOQ5Z4DySNVVOFAG0eq9til8+V0k3L7ipIVd2XUB msu6gVP8uZhFYNb8byVJ =+0e/ -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Moderate: curl security, bug fix, and enhancement update Advisory ID: RHSA-2015:2159-06 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-2159.html Issue date: 2015-11-19 CVE Names: CVE-2014-3613 CVE-2014-3707 CVE-2014-8150 CVE-2015-3143 CVE-2015-3148 =====================================================================

    1. Summary:

    Updated curl packages that fix multiple security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 7.

    Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64

    1. Description:

    The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

    It was found that the libcurl library did not correctly handle partial literal IP addresses when parsing received HTTP cookies. An attacker able to trick a user into connecting to a malicious server could use this flaw to set the user's cookie to a crafted domain, making other cookie-related issues easier to exploit. (CVE-2014-3613)

    A flaw was found in the way the libcurl library performed the duplication of connection handles. If an application set the CURLOPT_COPYPOSTFIELDS option for a handle, using the handle's duplicate could cause the application to crash or disclose a portion of its memory. (CVE-2014-3707)

    It was discovered that the libcurl library failed to properly handle URLs with embedded end-of-line characters. An attacker able to make an application using libcurl access a specially crafted URL via an HTTP proxy could use this flaw to inject additional headers to the request or construct additional requests. (CVE-2014-8150)

    It was discovered that libcurl implemented aspects of the NTLM and Negotatiate authentication incorrectly. If an application uses libcurl and the affected mechanisms in a specifc way, certain requests to a previously NTLM-authenticated server could appears as sent by the wrong authenticated user. Additionally, the initial set of credentials for HTTP Negotiate-authenticated requests could be reused in subsequent requests, although a different set of credentials was specified. (CVE-2015-3143, CVE-2015-3148)

    Red Hat would like to thank the cURL project for reporting these issues.

    Bug fixes:

    • An out-of-protocol fallback to SSL 3.0 was available with libcurl. Attackers could abuse the fallback to force downgrade of the SSL version. The fallback has been removed from libcurl. Users requiring this functionality can explicitly enable SSL 3.0 through the libcurl API. (BZ#1154060)

    • TLS 1.1 and TLS 1.2 are no longer disabled by default in libcurl. You can explicitly disable them through the libcurl API. (BZ#1170339)

    • FTP operations such as downloading files took a significantly long time to complete. Now, the FTP implementation in libcurl correctly sets blocking direction and estimated timeout for connections, resulting in faster FTP transfers. (BZ#1218272)

    Enhancements:

    • With the updated packages, it is possible to explicitly enable or disable new Advanced Encryption Standard (AES) cipher suites to be used for the TLS protocol. (BZ#1066065)

    • The libcurl library did not implement a non-blocking SSL handshake, which negatively affected performance of applications based on the libcurl multi API. The non-blocking SSL handshake has been implemented in libcurl, and the libcurl multi API now immediately returns the control back to the application whenever it cannot read or write data from or to the underlying network socket. (BZ#1091429)

    • The libcurl library used an unnecessarily long blocking delay for actions with no active file descriptors, even for short operations. Some actions, such as resolving a host name using /etc/hosts, took a long time to complete. The blocking code in libcurl has been modified so that the initial delay is short and gradually increases until an event occurs. (BZ#1130239)

    All curl users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.

    1. Solution:

    Before applying this update, make sure all previously released errata relevant to your system have been applied.

    For details on how to apply this update, refer to:

    https://access.redhat.com/articles/11258

    1. Bugs fixed (https://bugzilla.redhat.com/):

    1130239 - Difference in curl performance between RHEL6 and RHEL7 1136154 - CVE-2014-3613 curl: incorrect handling of IP addresses in cookie domain 1154060 - curl: Disable out-of-protocol fallback to SSL 3.0 1154941 - CVE-2014-3707 curl: incorrect handle duplication after COPYPOSTFIELDS 1161182 - Response headers added by proxy servers missing in CURLINFO_HEADER_SIZE 1166264 - NTLM: ignore CURLOPT_FORBID_REUSE during NTLM HTTP auth [RHEL-7] 1170339 - use the default min/max TLS version provided by NSS 1178692 - CVE-2014-8150 curl: URL request injection vulnerability in parseurlandfillconn() 1213306 - CVE-2015-3143 curl: re-using authenticated connection when unauthenticated 1213351 - CVE-2015-3148 curl: Negotiate not treated as connection-oriented 1218272 - Performance problem with libcurl and FTP on RHEL7.X

    1. Package List:

    Red Hat Enterprise Linux Client (v. 7):

    Source: curl-7.29.0-25.el7.src.rpm

    x86_64: curl-7.29.0-25.el7.x86_64.rpm curl-debuginfo-7.29.0-25.el7.i686.rpm curl-debuginfo-7.29.0-25.el7.x86_64.rpm libcurl-7.29.0-25.el7.i686.rpm libcurl-7.29.0-25.el7.x86_64.rpm

    Red Hat Enterprise Linux Client Optional (v. 7):

    x86_64: curl-debuginfo-7.29.0-25.el7.i686.rpm curl-debuginfo-7.29.0-25.el7.x86_64.rpm libcurl-devel-7.29.0-25.el7.i686.rpm libcurl-devel-7.29.0-25.el7.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode (v. 7):

    Source: curl-7.29.0-25.el7.src.rpm

    x86_64: curl-7.29.0-25.el7.x86_64.rpm curl-debuginfo-7.29.0-25.el7.i686.rpm curl-debuginfo-7.29.0-25.el7.x86_64.rpm libcurl-7.29.0-25.el7.i686.rpm libcurl-7.29.0-25.el7.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode Optional (v. 7):

    x86_64: curl-debuginfo-7.29.0-25.el7.i686.rpm curl-debuginfo-7.29.0-25.el7.x86_64.rpm libcurl-devel-7.29.0-25.el7.i686.rpm libcurl-devel-7.29.0-25.el7.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 7):

    Source: curl-7.29.0-25.el7.src.rpm

    aarch64: curl-7.29.0-25.el7.aarch64.rpm curl-debuginfo-7.29.0-25.el7.aarch64.rpm libcurl-7.29.0-25.el7.aarch64.rpm libcurl-devel-7.29.0-25.el7.aarch64.rpm

    ppc64: curl-7.29.0-25.el7.ppc64.rpm curl-debuginfo-7.29.0-25.el7.ppc.rpm curl-debuginfo-7.29.0-25.el7.ppc64.rpm libcurl-7.29.0-25.el7.ppc.rpm libcurl-7.29.0-25.el7.ppc64.rpm libcurl-devel-7.29.0-25.el7.ppc.rpm libcurl-devel-7.29.0-25.el7.ppc64.rpm

    ppc64le: curl-7.29.0-25.el7.ppc64le.rpm curl-debuginfo-7.29.0-25.el7.ppc64le.rpm libcurl-7.29.0-25.el7.ppc64le.rpm libcurl-devel-7.29.0-25.el7.ppc64le.rpm

    s390x: curl-7.29.0-25.el7.s390x.rpm curl-debuginfo-7.29.0-25.el7.s390.rpm curl-debuginfo-7.29.0-25.el7.s390x.rpm libcurl-7.29.0-25.el7.s390.rpm libcurl-7.29.0-25.el7.s390x.rpm libcurl-devel-7.29.0-25.el7.s390.rpm libcurl-devel-7.29.0-25.el7.s390x.rpm

    x86_64: curl-7.29.0-25.el7.x86_64.rpm curl-debuginfo-7.29.0-25.el7.i686.rpm curl-debuginfo-7.29.0-25.el7.x86_64.rpm libcurl-7.29.0-25.el7.i686.rpm libcurl-7.29.0-25.el7.x86_64.rpm libcurl-devel-7.29.0-25.el7.i686.rpm libcurl-devel-7.29.0-25.el7.x86_64.rpm

    Red Hat Enterprise Linux Workstation (v. 7):

    Source: curl-7.29.0-25.el7.src.rpm

    x86_64: curl-7.29.0-25.el7.x86_64.rpm curl-debuginfo-7.29.0-25.el7.i686.rpm curl-debuginfo-7.29.0-25.el7.x86_64.rpm libcurl-7.29.0-25.el7.i686.rpm libcurl-7.29.0-25.el7.x86_64.rpm libcurl-devel-7.29.0-25.el7.i686.rpm libcurl-devel-7.29.0-25.el7.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. References:

    https://access.redhat.com/security/cve/CVE-2014-3613 https://access.redhat.com/security/cve/CVE-2014-3707 https://access.redhat.com/security/cve/CVE-2014-8150 https://access.redhat.com/security/cve/CVE-2015-3143 https://access.redhat.com/security/cve/CVE-2015-3148 https://access.redhat.com/security/updates/classification/#moderate

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

    iD8DBQFWTkDjXlSAg2UNWIIRAiUIAKCDiD6XED0dZ145uiyufkWCK1ogUACgnQTY 3iELkxAEAUfZ3lJlUq4u7Uo= =rhuc -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .

    libcurl can in some circumstances re-use the wrong connection when asked to do transfers using other protocols than HTTP and FTP, causing a transfer that was initiated by an application to wrongfully re-use an existing connection to the same server that was authenticated using different credentials (CVE-2014-0138).

    libcurl incorrectly validates wildcard SSL certificates containing literal IP addresses, so under certain conditions, it would allow and use a wildcard match specified in the CN field, allowing a malicious server to participate in a MITM attack or just fool users into believing that it is a legitimate site (CVE-2014-0139). For this problem to trigger, the client application must use the numerical IP address in the URL to access the site (CVE-2014-3613).

    Symeon Paraschoudis discovered that the curl_easy_duphandle() function in cURL has a bug that can lead to libcurl eventually sending off sensitive data that was not intended for sending, while performing a HTTP POST operation. This bug requires CURLOPT_COPYPOSTFIELDS and curl_easy_duphandle() to be used in that order, and then the duplicate handle must be used to perform the HTTP POST. The curl command line tool is not affected by this problem as it does not use this sequence (CVE-2014-3707).

    When libcurl sends a request to a server via a HTTP proxy, it copies the entire URL into the request and sends if off. If the given URL contains line feeds and carriage returns those will be sent along to the proxy too, which allows the program to for example send a separate HTTP request injected embedded in the URL (CVE-2014-8150).


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0015 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0138 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0139 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3613 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3620 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3707 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8150 http://advisories.mageia.org/MGASA-2014-0153.html http://advisories.mageia.org/MGASA-2014-0385.html http://advisories.mageia.org/MGASA-2014-0444.html http://advisories.mageia.org/MGASA-2015-0020.html


    Updated Packages:

    Mandriva Business Server 2/X86_64: 498d59be3a6a4ace215c0d98fb4abede mbs2/x86_64/curl-7.34.0-3.1.mbs2.x86_64.rpm 75a821b73a75ca34f1747a0f7479267f mbs2/x86_64/curl-examples-7.34.0-3.1.mbs2.noarch.rpm f5d3aad5f0fd9db68b87c648aaabbb4a mbs2/x86_64/lib64curl4-7.34.0-3.1.mbs2.x86_64.rpm 4f356a2c97f9f64124b4e8ebe307826a mbs2/x86_64/lib64curl-devel-7.34.0-3.1.mbs2.x86_64.rpm d010a357d76a8eb967c7c52f92fb35ae mbs2/SRPMS/curl-7.34.0-3.1.mbs2.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    For the stable distribution (wheezy), these problems have been fixed in version 7.26.0-1+wheezy10.

    For the testing distribution (jessie), these problems have been fixed in version 7.38.0-1.

    For the unstable distribution (sid), these problems have been fixed in version 7.38.0-1.

    We recommend that you upgrade your curl packages

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "haxx",
            "version": "7.34.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "haxx",
            "version": "7.36.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "haxx",
            "version": "7.31.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "haxx",
            "version": "7.37.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "haxx",
            "version": "7.33.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "haxx",
            "version": "7.36.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "haxx",
            "version": "7.35.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "haxx",
            "version": "7.32.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "haxx",
            "version": "7.37.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.34.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.33.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.35.0"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.10.4"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.37.1"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.37.1"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.32.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.31.0"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "haxx",
            "version": "7.38.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "haxx",
            "version": "7.38.0"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "10.10 to  10.10.4"
          },
          {
            "_id": null,
            "model": "hyperion",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "essbase 11.1.2.2"
          },
          {
            "_id": null,
            "model": "hyperion",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "essbase 11.1.2.3"
          },
          {
            "_id": null,
            "model": "curl",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "haxx",
            "version": "7.37.1"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "12.04"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "12.04"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "hat enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux hpc node optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux hpc node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "0"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "69748"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1276"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005511"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-3613"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:haxx:curl",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:haxx:libcurl",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:apple:mac_os_x",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:oracle:hyperion",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005511"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Tim Ruehsen",
        "sources": [
          {
            "db": "BID",
            "id": "69748"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1276"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2014-3613",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2014-3613",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-71553",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2014-3613",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2014-3613",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201410-1276",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-71553",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2014-3613",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-71553"
          },
          {
            "db": "VULMON",
            "id": "CVE-2014-3613"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1276"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005511"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-3613"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site at 127.168.0.1. cURL/libcURL is prone to a remote security-bypass vulnerability. \nAn attacker can leverage this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. \ncURL/libcURL 7.1 through 7.37.1 are vulnerable. Both Haxx curl and libcurl are products of the Swedish company Haxx. libcurl is a free, open source client-side URL transfer library. ============================================================================\nUbuntu Security Notice USN-2346-1\nSeptember 15, 2014\n\ncurl vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n- Ubuntu 10.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in curl. (CVE-2014-3620)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 LTS:\n  libcurl3                        7.35.0-1ubuntu2.1\n  libcurl3-gnutls                 7.35.0-1ubuntu2.1\n  libcurl3-nss                    7.35.0-1ubuntu2.1\n\nUbuntu 12.04 LTS:\n  libcurl3                        7.22.0-3ubuntu4.10\n  libcurl3-gnutls                 7.22.0-3ubuntu4.10\n  libcurl3-nss                    7.22.0-3ubuntu4.10\n\nUbuntu 10.04 LTS:\n  libcurl3                        7.19.7-1ubuntu1.9\n  libcurl3-gnutls                 7.19.7-1ubuntu1.9\n\nIn general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update\n2015-006\n\nOS X Yosemite v10.10.5 and Security Update 2015-006 is now available\nand addresses the following:\n\napache\nAvailable for:  OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact:  Multiple vulnerabilities existed in Apache 2.4.16, the most\nserious of which may allow a remote attacker to cause a denial of\nservice. \nDescription:  Multiple vulnerabilities existed in Apache versions\nprior to 2.4.16. These were addressed by updating Apache to version\n2.4.16. \nCVE-ID\nCVE-2014-3581\nCVE-2014-3583\nCVE-2014-8109\nCVE-2015-0228\nCVE-2015-0253\nCVE-2015-3183\nCVE-2015-3185\n\napache_mod_php\nAvailable for:  OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact:  Multiple vulnerabilities existed in PHP 5.5.20, the most\nserious of which may lead to arbitrary code execution. \nDescription:  Multiple vulnerabilities existed in PHP versions prior\nto 5.5.20. These were addressed by updating Apache to version 5.5.27. \nCVE-ID\nCVE-2015-2783\nCVE-2015-2787\nCVE-2015-3307\nCVE-2015-3329\nCVE-2015-3330\nCVE-2015-4021\nCVE-2015-4022\nCVE-2015-4024\nCVE-2015-4025\nCVE-2015-4026\nCVE-2015-4147\nCVE-2015-4148\n\nApple ID OD Plug-in\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A malicious application may be able change the password of a\nlocal user\nDescription:  In some circumstances, a state management issue existed\nin password authentication. The issue was addressed through improved\nstate management. \nCVE-ID\nCVE-2015-3799 : an anonymous researcher working with HP\u0027s Zero Day\nInitiative\n\nAppleGraphicsControl\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A malicious application may be able to determine kernel\nmemory layout\nDescription:  An issue existed in AppleGraphicsControl which could\nhave led to the disclosure of kernel memory layout. This issue was\naddressed through improved bounds checking. \nCVE-ID\nCVE-2015-5768 : JieTao Yang of KeenTeam\n\nBluetooth\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A local user may be able to execute arbitrary code with\nsystem privileges\nDescription:  A memory corruption issue existed in\nIOBluetoothHCIController. This issue was addressed through improved\nmemory handling. \nCVE-ID\nCVE-2015-3779 : Teddy Reed of Facebook Security\n\nBluetooth\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A malicious application may be able to determine kernel\nmemory layout\nDescription:  A memory management issue could have led to the\ndisclosure of kernel memory layout. This issue was addressed with\nimproved memory management. \nCVE-ID\nCVE-2015-3780 : Roberto Paleari and Aristide Fattori of Emaze\nNetworks\n\nBluetooth\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A malicious app may be able to access notifications from\nother iCloud devices\nDescription:  An issue existed where a malicious app could access a\nBluetooth-paired Mac or iOS device\u0027s Notification Center\nnotifications via the Apple Notification Center Service. The issue\naffected devices using Handoff and logged into the same iCloud\naccount. This issue was resolved by revoking access to the Apple\nNotification Center Service. \nCVE-ID\nCVE-2015-3786 : Xiaolong Bai (Tsinghua University), System Security\nLab (Indiana University), Tongxin Li (Peking University), XiaoFeng\nWang (Indiana University)\n\nBluetooth\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  An attacker with privileged network position may be able to\nperform denial of service attack using malformed Bluetooth packets\nDescription:  An input validation issue existed in parsing of\nBluetooth ACL packets. This issue was addressed through improved\ninput validation. \nCVE-ID\nCVE-2015-3787 : Trend Micro\n\nBluetooth\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A local attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription:  Multiple buffer overflow issues existed in blued\u0027s\nhandling of XPC messages. These issues were addressed through\nimproved bounds checking. \nCVE-ID\nCVE-2015-3777 : mitp0sh of [PDX]\n\nbootp\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A malicious Wi-Fi network may be able to determine networks\na device has previously accessed\nDescription:  Upon connecting to a Wi-Fi network, iOS may have\nbroadcast MAC addresses of previously accessed networks via the DNAv4\nprotocol. This issue was addressed through disabling DNAv4 on\nunencrypted Wi-Fi networks. \nCVE-ID\nCVE-2015-3778 : Piers O\u0027Hanlon of Oxford Internet Institute,\nUniversity of Oxford (on the EPSRC Being There project)\n\nCloudKit\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A malicious application may be able to access the iCloud\nuser record of a previously signed in user\nDescription:  A state inconsistency existed in CloudKit when signing\nout users. This issue was addressed through improved state handling. \nCVE-ID\nCVE-2015-3782 : Deepkanwal Plaha of University of Toronto\n\nCoreMedia Playback\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  Memory corruption issues existed in CoreMedia Playback. \nThese were addressed through improved memory handling. \nCVE-ID\nCVE-2015-5777 : Apple\nCVE-2015-5778 : Apple\n\nCoreText\nAvailable for:  OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact:  Processing a maliciously crafted font file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A memory corruption issue existed in the processing of\nfont files. This issue was addressed through improved input\nvalidation. \nCVE-ID\nCVE-2015-5761 : John Villamil (@day6reak), Yahoo Pentest Team\n\nCoreText\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  Processing a maliciously crafted font file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A memory corruption issue existed in the processing of\nfont files. This issue was addressed through improved input\nvalidation. \nCVE-ID\nCVE-2015-5755 : John Villamil (@day6reak), Yahoo Pentest Team\n\ncurl\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  Multiple vulnerabilities in cURL and libcurl prior to\n7.38.0, one of which may allow remote attackers to bypass the Same\nOrigin Policy. \nDescription:  Multiple vulnerabilities existed in cURL and libcurl\nprior to 7.38.0. These issues were addressed by updating cURL to\nversion 7.43.0. \nCVE-ID\nCVE-2014-3613\nCVE-2014-3620\nCVE-2014-3707\nCVE-2014-8150\nCVE-2014-8151\nCVE-2015-3143\nCVE-2015-3144\nCVE-2015-3145\nCVE-2015-3148\nCVE-2015-3153\n\nData Detectors Engine\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  Processing a sequence of unicode characters can lead to an\nunexpected application termination or arbitrary code execution\nDescription:  Memory corruption issues existed in processing of\nUnicode characters. These issues were addressed through improved\nmemory handling. \nCVE-ID\nCVE-2015-5750 : M1x7e1 of Safeye Team (www.safeye.org)\n\nDate \u0026 Time pref pane\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  Applications that rely on system time may have unexpected\nbehavior\nDescription:  An authorization issue existed when modifying the\nsystem date and time preferences. This issue was addressed with\nadditional authorization checks. \nCVE-ID\nCVE-2015-3757 : Mark S C Smith\n\nDictionary Application\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  An attacker with a privileged network position may be able\nto intercept users\u0027 Dictionary app queries\nDescription:  An issue existed in the Dictionary app, which did not\nproperly secure user communications. This issue was addressed by\nmoving Dictionary queries to HTTPS. \nCVE-ID\nCVE-2015-3774 : Jeffrey Paul of EEQJ, Jan Bee of the Google Security\nTeam\n\nDiskImages\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  Processing a maliciously crafted DMG file may lead to an\nunexpected application termination or arbitrary code execution with\nsystem privileges\nDescription:  A memory corruption issue existed in parsing of\nmalformed DMG images. This issue was addressed through improved\nmemory handling. \nCVE-ID\nCVE-2015-3800 : Frank Graziano of the Yahoo Pentest Team\n\ndyld\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A local user may be able to execute arbitrary code with\nsystem privileges\nDescription:  A path validation issue existed in dyld. This was\naddressed through improved environment sanitization. \nCVE-ID\nCVE-2015-3760 : beist of grayhash, Stefan Esser\n\nFontParser\nAvailable for:  OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact:  Processing a maliciously crafted font file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A memory corruption issue existed in the processing of\nfont files. This issue was addressed through improved input\nvalidation. \nCVE-ID\nCVE-2015-3804 : Apple\nCVE-2015-5775 : Apple\n\nFontParser\nAvailable for:  OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact:  Processing a maliciously crafted font file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A memory corruption issue existed in the processing of\nfont files. This issue was addressed through improved input\nvalidation. \nCVE-ID\nCVE-2015-5756 : John Villamil (@day6reak), Yahoo Pentest Team\n\ngroff\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  Multiple issues in pdfroff\nDescription:  Multiple issues existed in pdfroff, the most serious of\nwhich may allow arbitrary filesystem modification. These issues were\naddressed by removing pdfroff. \nCVE-ID\nCVE-2009-5044\nCVE-2009-5078\n\nImageIO\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  Processing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A memory corruption issue existed in the processing of\nTIFF images. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2015-5758 : Apple\n\nImageIO\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  Visiting a maliciously crafted website may result in the\ndisclosure of process memory\nDescription:  An uninitialized memory access issue existed in\nImageIO\u0027s handling of PNG and TIFF images. Visiting a malicious\nwebsite may result in sending data from process memory to the\nwebsite. This issue is addressed through improved memory\ninitialization and additional validation of PNG and TIFF images. \nCVE-ID\nCVE-2015-5781 : Michal Zalewski\nCVE-2015-5782 : Michal Zalewski\n\nInstall Framework Legacy\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A malicious application may be able to execute arbitrary\ncode with root privileges\nDescription:  An issue existed in how Install.framework\u0027s \u0027runner\u0027\nbinary dropped privileges. This issue was addressed through improved\nprivilege management. \nCVE-ID\nCVE-2015-5784 : Ian Beer of Google Project Zero\n\nInstall Framework Legacy\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription:  A race condition existed in\nInstall.framework\u0027s \u0027runner\u0027 binary that resulted in\nprivileges being incorrectly dropped. This issue was addressed\nthrough improved object locking. \nCVE-ID\nCVE-2015-5754 : Ian Beer of Google Project Zero\n\nIOFireWireFamily\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A local user may be able to execute arbitrary code with\nsystem privileges\nDescription:  Memory corruption issues existed in IOFireWireFamily. \nThese issues were addressed through additional type input validation. \nCVE-ID\nCVE-2015-3769 : Ilja van Sprundel\nCVE-2015-3771 : Ilja van Sprundel\nCVE-2015-3772 : Ilja van Sprundel\n\nIOGraphics\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription:  A memory corruption issue existed in IOGraphics. This\nissue was addressed through additional type input validation. \nCVE-ID\nCVE-2015-3770 : Ilja van Sprundel\nCVE-2015-5783 : Ilja van Sprundel\n\nIOHIDFamily\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A local user may be able to execute arbitrary code with\nsystem privileges\nDescription:  A buffer overflow issue existed in IOHIDFamily. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5774 : TaiG Jailbreak Team\n\nKernel\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A malicious application may be able to determine kernel\nmemory layout\nDescription:  An issue existed in the mach_port_space_info interface,\nwhich could have led to the disclosure of kernel memory layout. This\nwas addressed by disabling the mach_port_space_info interface. \nCVE-ID\nCVE-2015-3766 : Cererdlong of Alibaba Mobile Security Team,\n@PanguTeam\n\nKernel\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription:  An integer overflow existed in the handling of IOKit\nfunctions. This issue was addressed through improved validation of\nIOKit API arguments. \nCVE-ID\nCVE-2015-3768 : Ilja van Sprundel\n\nKernel\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A local user may be able to cause a system denial of service\nDescription:  A resource exhaustion issue existed in the fasttrap\ndriver. This was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5747 : Maxime VILLARD of m00nbsd\n\nKernel\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A local user may be able to cause a system denial of service\nDescription:  A validation issue existed in the mounting of HFS\nvolumes. This was addressed by adding additional checks. \nCVE-ID\nCVE-2015-5748 : Maxime VILLARD of m00nbsd\n\nKernel\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A malicious application may be able to execute unsigned code\nDescription:  An issue existed that allowed unsigned code to be\nappended to signed code in a specially crafted executable file. This\nissue was addressed through improved code signature validation. \nCVE-ID\nCVE-2015-3806 : TaiG Jailbreak Team\n\nKernel\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A specially crafted executable file could allow unsigned,\nmalicious code to execute\nDescription:  An issue existed in the way multi-architecture\nexecutable files were evaluated that could have allowed unsigned code\nto be executed. This issue was addressed through improved validation\nof executable files. \nCVE-ID\nCVE-2015-3803 : TaiG Jailbreak Team\n\nKernel\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A local user may be able to execute unsigned code\nDescription:  A validation issue existed in the handling of Mach-O\nfiles. This was addressed by adding additional checks. \nCVE-ID\nCVE-2015-3802 : TaiG Jailbreak Team\nCVE-2015-3805 : TaiG Jailbreak Team\n\nKernel\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  Parsing a maliciously crafted plist may lead to an\nunexpected application termination or arbitrary code execution with\nsystem privileges\nDescription:  A memory corruption existed in processing of malformed\nplists. This issue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-3776 : Teddy Reed of Facebook Security, Patrick Stein\n(@jollyjinx) of Jinx Germany\n\nKernel\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A local user may be able to execute arbitrary code with\nsystem privileges\nDescription:  A path validation issue existed. This was addressed\nthrough improved environment sanitization. \nCVE-ID\nCVE-2015-3761 : Apple\n\nLibc\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  Processing a maliciously crafted regular expression may lead\nto an unexpected application termination or arbitrary code execution\nDescription:  Memory corruption issues existed in the TRE library. \nThese were addressed through improved memory handling. \nCVE-ID\nCVE-2015-3796 : Ian Beer of Google Project Zero\nCVE-2015-3797 : Ian Beer of Google Project Zero\nCVE-2015-3798 : Ian Beer of Google Project Zero\n\nLibinfo\nAvailable for:  OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact:  A remote attacker may be able to cause unexpected\napplication termination or arbitrary code execution\nDescription:  Memory corruption issues existed in handling AF_INET6\nsockets. These were addressed by improved memory handling. \nCVE-ID\nCVE-2015-5776 : Apple\n\nlibpthread\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription:  A memory corruption issue existed in handling syscalls. \nThis issue was addressed through improved lock state checking. \nCVE-ID\nCVE-2015-5757 : Lufeng Li of Qihoo 360\n\nlibxml2\nAvailable for:  OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact:  Multiple vulnerabilities existed in libxml2 versions prior\nto 2.9.2, the most serious of which may allow a remote attacker to\ncause a denial of service\nDescription:  Multiple vulnerabilities existed in libxml2 versions\nprior to 2.9.2. These were addressed by updating libxml2 to version\n2.9.2. \nCVE-ID\nCVE-2012-6685 : Felix Groebert of Google\nCVE-2014-0191 : Felix Groebert of Google\n\nlibxml2\nAvailable for:  OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact:  Parsing a maliciously crafted XML document may lead to\ndisclosure of user information\nDescription:  A memory access issue existed in libxml2. This was\naddressed by improved memory handling\nCVE-ID\nCVE-2014-3660 : Felix Groebert of Google\n\nlibxml2\nAvailable for:  OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact:  Parsing a maliciously crafted XML document may lead to\ndisclosure of user information\nDescription:  A memory corruption issue existed in parsing of XML\nfiles. This issue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-3807 : Apple\n\nlibxpc\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription:  A memory corruption issue existed in handling of\nmalformed XPC messages. This issue was improved through improved\nbounds checking. \nCVE-ID\nCVE-2015-3795 : Mathew Rowley\n\nmail_cmds\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A local user may be able to execute arbitrary shell commands\nDescription:  A validation issue existed in the mailx parsing of\nemail addresses. This was addressed by improved sanitization. \nCVE-ID\nCVE-2014-7844\n\nNotification Center OSX\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A malicious application may be able to access all\nnotifications previously displayed to users\nDescription:  An issue existed in Notification Center, which did not\nproperly delete user notifications. This issue was addressed by\ncorrectly deleting notifications dismissed by users. \nCVE-ID\nCVE-2015-3764 : Jonathan Zdziarski\n\nntfs\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A local user may be able to execute arbitrary code with\nsystem privileges\nDescription:  A memory corruption issue existed in NTFS. This issue\nwas addressed through improved memory handling. \nCVE-ID\nCVE-2015-5763 : Roberto Paleari and Aristide Fattori of Emaze\nNetworks\n\nOpenSSH\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  Remote attackers may be able to circumvent a time delay for\nfailed login attempts and conduct brute-force attacks\nDescription:  An issue existed when processing keyboard-interactive\ndevices. This issue was addressed through improved authentication\nrequest validation. \nCVE-ID\nCVE-2015-5600\n\nOpenSSL\nAvailable for:  OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact:  Multiple vulnerabilities existed in OpenSSL versions prior\nto 0.9.8zg, the most serious of which may allow a remote attacker to\ncause a denial of service. \nDescription:  Multiple vulnerabilities existed in OpenSSL versions\nprior to 0.9.8zg. These were addressed by updating OpenSSL to version\n0.9.8zg. \nCVE-ID\nCVE-2015-1788\nCVE-2015-1789\nCVE-2015-1790\nCVE-2015-1791\nCVE-2015-1792\n\nperl\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  Parsing a maliciously crafted regular expression may lead to\ndisclosure of unexpected application termination or arbitrary code\nexecution\nDescription:  An integer underflow issue existed in the way Perl\nparsed regular expressions. This issue was addressed through improved\nmemory handling. \nCVE-ID\nCVE-2013-7422\n\nPostgreSQL\nAvailable for:  OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact:  An attacker may be able to cause unexpected application\ntermination or gain access to data without proper authentication\nDescription:  Multiple issues existed in PostgreSQL 9.2.4. These\nissues were addressed by updating PostgreSQL to 9.2.13. \nCVE-ID\nCVE-2014-0067\nCVE-2014-8161\nCVE-2015-0241\nCVE-2015-0242\nCVE-2015-0243\nCVE-2015-0244\n\npython\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  Multiple vulnerabilities existed in Python 2.7.6, the most\nserious of which may lead to arbitrary code execution\nDescription:  Multiple vulnerabilities existed in Python versions\nprior to 2.7.6. These were addressed by updating Python to version\n2.7.10. \nCVE-ID\nCVE-2013-7040\nCVE-2013-7338\nCVE-2014-1912\nCVE-2014-7185\nCVE-2014-9365\n\nQL Office\nAvailable for:  OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact:  Parsing a maliciously crafted Office document may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A memory corruption issue existed in parsing of Office\ndocuments. This issue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5773 : Apple\n\nQL Office\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  Parsing a maliciously crafted XML file may lead to\ndisclosure of user information\nDescription:  An external entity reference issue existed in XML file\nparsing. This issue was addressed through improved parsing. \nCVE-ID\nCVE-2015-3784 : Bruno Morisson of INTEGRITY S.A. \n\nQuartz Composer Framework\nAvailable for:  OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact:  Parsing a maliciously crafted QuickTime file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A memory corruption issue existed in parsing of\nQuickTime files. This issue was addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-5771 : Apple\n\nQuick Look\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  Searching for a previously viewed website may launch the web\nbrowser and render that website\nDescription:  An issue existed where QuickLook had the capability to\nexecute JavaScript. The issue was addressed by disallowing execution\nof JavaScript. \nCVE-ID\nCVE-2015-3781 : Andrew Pouliot of Facebook, Anto Loyola of Qubole\n\nQuickTime 7\nAvailable for:  OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact:  Processing a maliciously crafted file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  Multiple memory corruption issues existed in QuickTime. \nThese issues were addressed through improved memory handling. \nCVE-ID\nCVE-2015-3772\nCVE-2015-3779\nCVE-2015-5753 : Apple\nCVE-2015-5779 : Apple\n\nQuickTime 7\nAvailable for:  OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact:  Processing a maliciously crafted file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  Multiple memory corruption issues existed in QuickTime. \nThese issues were addressed through improved memory handling. \nCVE-ID\nCVE-2015-3765 : Joe Burnett of Audio Poison\nCVE-2015-3788 : Ryan Pentney and Richard Johnson of Cisco Talos\nCVE-2015-3789 : Ryan Pentney and Richard Johnson of Cisco Talos\nCVE-2015-3790 : Ryan Pentney and Richard Johnson of Cisco Talos\nCVE-2015-3791 : Ryan Pentney and Richard Johnson of Cisco Talos\nCVE-2015-3792 : Ryan Pentney and Richard Johnson of Cisco Talos\nCVE-2015-5751 : WalkerFuz\n\nSceneKit\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  Viewing a maliciously crafted Collada file may lead to\narbitrary code execution\nDescription:  A heap buffer overflow existed in SceneKit\u0027s handling\nof Collada files. This issue was addressed through improved input\nvalidation. \nCVE-ID\nCVE-2015-5772 : Apple\n\nSceneKit\nAvailable for:  OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact:  A remote attacker may be able to cause unexpected\napplication termination or arbitrary code execution\nDescription:  A memory corruption issue existed in SceneKit. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-3783 : Haris Andrianakis of Google Security Team\n\nSecurity\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A standard user may be able to gain access to admin\nprivileges without proper authentication\nDescription:  An issue existed in handling of user authentication. \nThis issue was addressed through improved authentication checks. \nCVE-ID\nCVE-2015-3775 : [Eldon Ahrold]\n\nSMBClient\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  A remote attacker may be able to cause unexpected\napplication termination or arbitrary code execution\nDescription:  A memory corruption issue existed in the SMB client. \nThis issue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-3773 : Ilja van Sprundel\n\nSpeech UI\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  Parsing a maliciously crafted unicode string with speech\nalerts enabled may lead to an unexpected application termination or\narbitrary code execution\nDescription:  A memory corruption issue existed in handling of\nUnicode strings. This issue was addressed by improved memory\nhandling. \nCVE-ID\nCVE-2015-3794 : Adam Greenbaum of Refinitive\n\nsudo\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  Multiple vulnerabilities existed in sudo versions prior to\n1.7.10p9, the most serious of which may allow an attacker access to\narbitrary files\nDescription:  Multiple vulnerabilities existed in sudo versions prior\nto 1.7.10p9. These were addressed by updating sudo to version\n1.7.10p9. \nCVE-ID\nCVE-2013-1775\nCVE-2013-1776\nCVE-2013-2776\nCVE-2013-2777\nCVE-2014-0106\nCVE-2014-9680\n\ntcpdump\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  Multiple vulnerabilities existed in tcpdump 4.7.3, the most\nserious of which may allow a remote attacker to cause a denial of\nservice. \nDescription:  Multiple vulnerabilities existed in tcpdump versions\nprior to 4.7.3. These were addressed by updating tcpdump to version\n4.7.3. \nCVE-ID\nCVE-2014-8767\nCVE-2014-8769\nCVE-2014-9140\n\nText Formats\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  Parsing a maliciously crafted text file may lead to\ndisclosure of user information\nDescription:  An XML external entity reference issue existed with\nTextEdit parsing. This issue was addressed through improved parsing. \nCVE-ID\nCVE-2015-3762 : Xiaoyong Wu of the Evernote Security Team\n\nudf\nAvailable for:  OS X Yosemite v10.10 to v10.10.4\nImpact:  Processing a maliciously crafted DMG file may lead to an\nunexpected application termination or arbitrary code execution with\nsystem privileges\nDescription:  A memory corruption issue existed in parsing of\nmalformed DMG images. This issue was addressed through improved\nmemory handling. \nCVE-ID\nCVE-2015-3767 : beist of grayhash\n\nOS X Yosemite v10.10.5 includes the security content of Safari 8.0.8:\nhttps://support.apple.com/en-us/HT205033\n\nOS X Yosemite 10.10.5 and Security Update 2015-006 may be obtained\nfrom the Mac App Store or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n\n\n-----BEGIN PGP SIGNATURE-----\n\niQIcBAEBCAAGBQJVzM3+AAoJEBcWfLTuOo7tx/YP/RTsUUx0UTk7rXj6AEcHmiR4\nY2xTUOXqRmxhieSbsGK9laKL5++lIzkGh5RC7oYag0+OgWtZz+EU/EtdoEJmGNJ6\n+PgoEnizYdKhO1kos1KCHOwG6UFCqoeEm6Icm33nVUqWp7uAmhVRMRxtMJEScLSR\n2LpsK0grIhFXtJGqu053TSKSCa1UTab8XWteZTT84uFGMSKbAFONj5CPIrR6+uev\nQpVTwrnskPDBOXJwGhjypvIBTbt2aa1wjCukOAWFHwf7Pma/QUdhKRkUK4vAb9/k\nfu2t2fBOvSMguJHRO+340NsQR9LvmdruBeAyNUH64srF1jtbAg0QnvZsPyO5aIyR\nA8WrzHl3oIc0II0y7VpI+3o0J3Nn03EcBPtIKeoeyznnjNziDm72HPI2d2+5ZSRz\nxjAd4Nmw+dgGq+UMkusIXgtRK4HcEpwzfImf3zqnKHakSncnFPhGKyNEgn8bK9a7\nAeAvSqMXXsJg8weHUF2NLnAn/42k2wIE8d5BOLaIy13xz6MJn7VUI21pK0zCaGBF\nsfkRFZP0eEVh8ZzU/nWp9E5KDpbsd72biJwvjWH4OrmkfzUWxStQiVwPTxtZD9LW\nc5ZWe+vqZJV9eYRH2hAOMPaYkOQ5Z4DySNVVOFAG0eq9til8+V0k3L7ipIVd2XUB\nmsu6gVP8uZhFYNb8byVJ\n=+0e/\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Moderate: curl security, bug fix, and enhancement update\nAdvisory ID:       RHSA-2015:2159-06\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2015-2159.html\nIssue date:        2015-11-19\nCVE Names:         CVE-2014-3613 CVE-2014-3707 CVE-2014-8150 \n                   CVE-2015-3143 CVE-2015-3148 \n=====================================================================\n\n1. Summary:\n\nUpdated curl packages that fix multiple security issues, several bugs, and\nadd two enhancements are now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nThe curl packages provide the libcurl library and the curl utility for\ndownloading files from servers using various protocols, including HTTP,\nFTP, and LDAP. \n\nIt was found that the libcurl library did not correctly handle partial\nliteral IP addresses when parsing received HTTP cookies. An attacker able\nto trick a user into connecting to a malicious server could use this flaw\nto set the user\u0027s cookie to a crafted domain, making other cookie-related\nissues easier to exploit. (CVE-2014-3613)\n\nA flaw was found in the way the libcurl library performed the duplication\nof connection handles. If an application set the CURLOPT_COPYPOSTFIELDS\noption for a handle, using the handle\u0027s duplicate could cause the\napplication to crash or disclose a portion of its memory. (CVE-2014-3707)\n\nIt was discovered that the libcurl library failed to properly handle URLs\nwith embedded end-of-line characters. An attacker able to make an\napplication using libcurl access a specially crafted URL via an HTTP proxy\ncould use this flaw to inject additional headers to the request or\nconstruct additional requests. (CVE-2014-8150)\n\nIt was discovered that libcurl implemented aspects of the NTLM and\nNegotatiate authentication incorrectly. If an application uses libcurl\nand the affected mechanisms in a specifc way, certain requests to a\npreviously NTLM-authenticated server could appears as sent by the wrong\nauthenticated user. Additionally, the initial set of credentials for HTTP\nNegotiate-authenticated requests could be reused in subsequent requests,\nalthough a different set of credentials was specified. (CVE-2015-3143,\nCVE-2015-3148)\n\nRed Hat would like to thank the cURL project for reporting these issues. \n\nBug fixes:\n\n* An out-of-protocol fallback to SSL 3.0 was available with libcurl. \nAttackers could abuse the fallback to force downgrade of the SSL version. \nThe fallback has been removed from libcurl. Users requiring this\nfunctionality can explicitly enable SSL 3.0 through the libcurl API. \n(BZ#1154060)\n\n* TLS 1.1 and TLS 1.2 are no longer disabled by default in libcurl. You can\nexplicitly disable them through the libcurl API. (BZ#1170339)\n\n* FTP operations such as downloading files took a significantly long time\nto complete. Now, the FTP implementation in libcurl correctly sets blocking\ndirection and estimated timeout for connections, resulting in faster FTP\ntransfers. (BZ#1218272)\n\nEnhancements:\n\n* With the updated packages, it is possible to explicitly enable or disable\nnew Advanced Encryption Standard (AES) cipher suites to be used for the TLS\nprotocol. (BZ#1066065)\n\n* The libcurl library did not implement a non-blocking SSL handshake, which\nnegatively affected performance of applications based on the libcurl multi\nAPI. The non-blocking SSL handshake has been implemented in libcurl, and\nthe libcurl multi API now immediately returns the control back to the\napplication whenever it cannot read or write data from or to the underlying\nnetwork socket. (BZ#1091429)\n\n* The libcurl library used an unnecessarily long blocking delay for actions\nwith no active file descriptors, even for short operations. Some actions,\nsuch as resolving a host name using /etc/hosts, took a long time to\ncomplete. The blocking code in libcurl has been modified so that the\ninitial delay is short and gradually increases until an event occurs. \n(BZ#1130239)\n\nAll curl users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1130239 - Difference in curl performance between RHEL6 and RHEL7\n1136154 - CVE-2014-3613 curl: incorrect handling of IP addresses in cookie domain\n1154060 - curl: Disable out-of-protocol fallback to SSL 3.0\n1154941 - CVE-2014-3707 curl: incorrect handle duplication after COPYPOSTFIELDS\n1161182 - Response headers added by proxy servers missing in CURLINFO_HEADER_SIZE\n1166264 - NTLM: ignore CURLOPT_FORBID_REUSE during NTLM HTTP auth [RHEL-7]\n1170339 - use the default min/max TLS version provided by NSS\n1178692 - CVE-2014-8150 curl: URL request injection vulnerability in parseurlandfillconn()\n1213306 - CVE-2015-3143 curl: re-using authenticated connection when unauthenticated\n1213351 - CVE-2015-3148 curl: Negotiate not treated as connection-oriented\n1218272 - Performance problem with libcurl and FTP on RHEL7.X\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\ncurl-7.29.0-25.el7.src.rpm\n\nx86_64:\ncurl-7.29.0-25.el7.x86_64.rpm\ncurl-debuginfo-7.29.0-25.el7.i686.rpm\ncurl-debuginfo-7.29.0-25.el7.x86_64.rpm\nlibcurl-7.29.0-25.el7.i686.rpm\nlibcurl-7.29.0-25.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\ncurl-debuginfo-7.29.0-25.el7.i686.rpm\ncurl-debuginfo-7.29.0-25.el7.x86_64.rpm\nlibcurl-devel-7.29.0-25.el7.i686.rpm\nlibcurl-devel-7.29.0-25.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\ncurl-7.29.0-25.el7.src.rpm\n\nx86_64:\ncurl-7.29.0-25.el7.x86_64.rpm\ncurl-debuginfo-7.29.0-25.el7.i686.rpm\ncurl-debuginfo-7.29.0-25.el7.x86_64.rpm\nlibcurl-7.29.0-25.el7.i686.rpm\nlibcurl-7.29.0-25.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\ncurl-debuginfo-7.29.0-25.el7.i686.rpm\ncurl-debuginfo-7.29.0-25.el7.x86_64.rpm\nlibcurl-devel-7.29.0-25.el7.i686.rpm\nlibcurl-devel-7.29.0-25.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\ncurl-7.29.0-25.el7.src.rpm\n\naarch64:\ncurl-7.29.0-25.el7.aarch64.rpm\ncurl-debuginfo-7.29.0-25.el7.aarch64.rpm\nlibcurl-7.29.0-25.el7.aarch64.rpm\nlibcurl-devel-7.29.0-25.el7.aarch64.rpm\n\nppc64:\ncurl-7.29.0-25.el7.ppc64.rpm\ncurl-debuginfo-7.29.0-25.el7.ppc.rpm\ncurl-debuginfo-7.29.0-25.el7.ppc64.rpm\nlibcurl-7.29.0-25.el7.ppc.rpm\nlibcurl-7.29.0-25.el7.ppc64.rpm\nlibcurl-devel-7.29.0-25.el7.ppc.rpm\nlibcurl-devel-7.29.0-25.el7.ppc64.rpm\n\nppc64le:\ncurl-7.29.0-25.el7.ppc64le.rpm\ncurl-debuginfo-7.29.0-25.el7.ppc64le.rpm\nlibcurl-7.29.0-25.el7.ppc64le.rpm\nlibcurl-devel-7.29.0-25.el7.ppc64le.rpm\n\ns390x:\ncurl-7.29.0-25.el7.s390x.rpm\ncurl-debuginfo-7.29.0-25.el7.s390.rpm\ncurl-debuginfo-7.29.0-25.el7.s390x.rpm\nlibcurl-7.29.0-25.el7.s390.rpm\nlibcurl-7.29.0-25.el7.s390x.rpm\nlibcurl-devel-7.29.0-25.el7.s390.rpm\nlibcurl-devel-7.29.0-25.el7.s390x.rpm\n\nx86_64:\ncurl-7.29.0-25.el7.x86_64.rpm\ncurl-debuginfo-7.29.0-25.el7.i686.rpm\ncurl-debuginfo-7.29.0-25.el7.x86_64.rpm\nlibcurl-7.29.0-25.el7.i686.rpm\nlibcurl-7.29.0-25.el7.x86_64.rpm\nlibcurl-devel-7.29.0-25.el7.i686.rpm\nlibcurl-devel-7.29.0-25.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\ncurl-7.29.0-25.el7.src.rpm\n\nx86_64:\ncurl-7.29.0-25.el7.x86_64.rpm\ncurl-debuginfo-7.29.0-25.el7.i686.rpm\ncurl-debuginfo-7.29.0-25.el7.x86_64.rpm\nlibcurl-7.29.0-25.el7.i686.rpm\nlibcurl-7.29.0-25.el7.x86_64.rpm\nlibcurl-devel-7.29.0-25.el7.i686.rpm\nlibcurl-devel-7.29.0-25.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-3613\nhttps://access.redhat.com/security/cve/CVE-2014-3707\nhttps://access.redhat.com/security/cve/CVE-2014-8150\nhttps://access.redhat.com/security/cve/CVE-2015-3143\nhttps://access.redhat.com/security/cve/CVE-2015-3148\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFWTkDjXlSAg2UNWIIRAiUIAKCDiD6XED0dZ145uiyufkWCK1ogUACgnQTY\n3iELkxAEAUfZ3lJlUq4u7Uo=\n=rhuc\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n \n libcurl can in some circumstances re-use the wrong connection when\n asked to do transfers using other protocols than HTTP and FTP, causing\n a transfer that was initiated by an application to wrongfully re-use\n an existing connection to the same server that was authenticated\n using different credentials (CVE-2014-0138). \n \n libcurl incorrectly validates wildcard SSL certificates containing\n literal IP addresses, so under certain conditions, it would allow\n and use a wildcard match specified in the CN field, allowing a\n malicious server to participate in a MITM attack or just fool users\n into believing that it is a legitimate site (CVE-2014-0139). For this problem to trigger, the client application must use\n the numerical IP address in the URL to access the site (CVE-2014-3613). \n \n Symeon Paraschoudis discovered that the curl_easy_duphandle() function\n in cURL has a bug that can lead to libcurl eventually sending off\n sensitive data that was not intended for sending, while performing\n a HTTP POST operation. This bug requires CURLOPT_COPYPOSTFIELDS and\n curl_easy_duphandle() to be used in that order, and then the duplicate\n handle must be used to perform the HTTP POST. The curl command line\n tool is not affected by this problem as it does not use this sequence\n (CVE-2014-3707). \n \n When libcurl sends a request to a server via a HTTP proxy, it copies\n the entire URL into the request and sends if off. If the given URL\n contains line feeds and carriage returns those will be sent along to\n the proxy too, which allows the program to for example send a separate\n HTTP request injected embedded in the URL (CVE-2014-8150). \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0015\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0138\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0139\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3613\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3620\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3707\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8150\n http://advisories.mageia.org/MGASA-2014-0153.html\n http://advisories.mageia.org/MGASA-2014-0385.html\n http://advisories.mageia.org/MGASA-2014-0444.html\n http://advisories.mageia.org/MGASA-2015-0020.html\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 2/X86_64:\n 498d59be3a6a4ace215c0d98fb4abede  mbs2/x86_64/curl-7.34.0-3.1.mbs2.x86_64.rpm\n 75a821b73a75ca34f1747a0f7479267f  mbs2/x86_64/curl-examples-7.34.0-3.1.mbs2.noarch.rpm\n f5d3aad5f0fd9db68b87c648aaabbb4a  mbs2/x86_64/lib64curl4-7.34.0-3.1.mbs2.x86_64.rpm\n 4f356a2c97f9f64124b4e8ebe307826a  mbs2/x86_64/lib64curl-devel-7.34.0-3.1.mbs2.x86_64.rpm \n d010a357d76a8eb967c7c52f92fb35ae  mbs2/SRPMS/curl-7.34.0-3.1.mbs2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 7.26.0-1+wheezy10. \n\nFor the testing distribution (jessie), these problems have been fixed in\nversion 7.38.0-1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 7.38.0-1. \n\nWe recommend that you upgrade your curl packages",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-3613"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005511"
          },
          {
            "db": "BID",
            "id": "69748"
          },
          {
            "db": "VULHUB",
            "id": "VHN-71553"
          },
          {
            "db": "VULMON",
            "id": "CVE-2014-3613"
          },
          {
            "db": "PACKETSTORM",
            "id": "128244"
          },
          {
            "db": "PACKETSTORM",
            "id": "133079"
          },
          {
            "db": "PACKETSTORM",
            "id": "134443"
          },
          {
            "db": "PACKETSTORM",
            "id": "131105"
          },
          {
            "db": "PACKETSTORM",
            "id": "128403"
          },
          {
            "db": "PACKETSTORM",
            "id": "128204"
          }
        ],
        "trust": 2.61
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-71553",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-71553"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2014-3613",
            "trust": 3.5
          },
          {
            "db": "BID",
            "id": "69748",
            "trust": 2.1
          },
          {
            "db": "JUNIPER",
            "id": "JSA10743",
            "trust": 1.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005511",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1276",
            "trust": 0.7
          },
          {
            "db": "SECUNIA",
            "id": "61077",
            "trust": 0.6
          },
          {
            "db": "SECUNIA",
            "id": "61591",
            "trust": 0.6
          },
          {
            "db": "SECUNIA",
            "id": "61026",
            "trust": 0.6
          },
          {
            "db": "SECUNIA",
            "id": "60411",
            "trust": 0.6
          },
          {
            "db": "SECUNIA",
            "id": "61239",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "134443",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "128244",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "128403",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "128204",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "132792",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-71553",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2014-3613",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "133079",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "131105",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-71553"
          },
          {
            "db": "VULMON",
            "id": "CVE-2014-3613"
          },
          {
            "db": "BID",
            "id": "69748"
          },
          {
            "db": "PACKETSTORM",
            "id": "128244"
          },
          {
            "db": "PACKETSTORM",
            "id": "133079"
          },
          {
            "db": "PACKETSTORM",
            "id": "134443"
          },
          {
            "db": "PACKETSTORM",
            "id": "131105"
          },
          {
            "db": "PACKETSTORM",
            "id": "128403"
          },
          {
            "db": "PACKETSTORM",
            "id": "128204"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1276"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005511"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-3613"
          }
        ]
      },
      "id": "VAR-201411-0410",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-71553"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T23:15:37.764000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006",
            "trust": 0.8,
            "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
          },
          {
            "title": "HT205031",
            "trust": 0.8,
            "url": "https://support.apple.com/en-us/HT205031"
          },
          {
            "title": "HT205031",
            "trust": 0.8,
            "url": "https://support.apple.com/ja-jp/HT205031"
          },
          {
            "title": "Oracle Critical Patch Update Advisory - July 2015",
            "trust": 0.8,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
          },
          {
            "title": "Text Form of Oracle Critical Patch Update - July 2015 Risk Matrices",
            "trust": 0.8,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015verbose-2367947.html"
          },
          {
            "title": "libcurl cookie leak with IP address as domain",
            "trust": 0.8,
            "url": "http://curl.haxx.se/docs/adv_20140910A.html"
          },
          {
            "title": "July 2015 Critical Patch Update Released",
            "trust": 0.8,
            "url": "https://blogs.oracle.com/security/entry/july_2015_critical_patch_update"
          },
          {
            "title": "Red Hat: Moderate: curl security, bug fix, and enhancement update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20152159 - Security Advisory"
          },
          {
            "title": "Ubuntu Security Notice: curl vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2346-1"
          },
          {
            "title": "Debian Security Advisories: DSA-3022-1 curl -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=35cc15eaec0478affc20cf6c42bfcea2"
          },
          {
            "title": "Red Hat: CVE-2014-3613",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2014-3613"
          },
          {
            "title": "Amazon Linux AMI: ALAS-2014-407",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2014-407"
          },
          {
            "title": "Apple: OS X Yosemite v10.10.5 and Security Update 2015-006",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=9834d0d73bf28fb80d3390930bafd906"
          },
          {
            "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2015",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=435ed9abc2fb1e74ce2a69605a01e326"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - July 2015",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=459961024c4bdce7bb3a1a40a65a6f2e"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2014-3613"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005511"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-310",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-71553"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005511"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-3613"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 1.8,
            "url": "http://www.securityfocus.com/bid/69748"
          },
          {
            "trust": 1.8,
            "url": "http://curl.haxx.se/docs/adv_20140910a.html"
          },
          {
            "trust": 1.8,
            "url": "http://www.debian.org/security/2014/dsa-3022"
          },
          {
            "trust": 1.8,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00024.html"
          },
          {
            "trust": 1.2,
            "url": "http://lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
          },
          {
            "trust": 1.2,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
          },
          {
            "trust": 1.2,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
          },
          {
            "trust": 1.2,
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
          },
          {
            "trust": 1.2,
            "url": "https://support.apple.com/kb/ht205031"
          },
          {
            "trust": 1.2,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-1254.html"
          },
          {
            "trust": 1.1,
            "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10743"
          },
          {
            "trust": 1.0,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3613"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3613"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3613"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/60411"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/61026"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/61077"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/61239"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/61591"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3620"
          },
          {
            "trust": 0.3,
            "url": "http://curl.haxx.se/"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3707"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8150"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2014-3613"
          },
          {
            "trust": 0.2,
            "url": "http://advisories.mageia.org/mgasa-2014-0385.html"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3620"
          },
          {
            "trust": 0.2,
            "url": "http://www.mandriva.com/en/support/security/"
          },
          {
            "trust": 0.2,
            "url": "http://www.mandriva.com/en/support/security/advisories/"
          },
          {
            "trust": 0.2,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "http://kb.juniper.net/infocenter/index?page=content\u0026amp;id=jsa10743"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/310.html"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2015:2159"
          },
          {
            "trust": 0.1,
            "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=37164"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/2346-1/"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/curl/7.22.0-3ubuntu4.10"
          },
          {
            "trust": 0.1,
            "url": "http://www.ubuntu.com/usn/usn-2346-1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/curl/7.19.7-1ubuntu1.9"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/curl/7.35.0-1ubuntu2.1"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8109"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1775"
          },
          {
            "trust": 0.1,
            "url": "https://support.apple.com/kb/ht201222"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3583"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-7185"
          },
          {
            "trust": 0.1,
            "url": "https://support.apple.com/en-us/ht205033"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8161"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2776"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-7422"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8767"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-5044"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-2777"
          },
          {
            "trust": 0.1,
            "url": "http://www.apple.com/support/downloads/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3581"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-7844"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0106"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1776"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8769"
          },
          {
            "trust": 0.1,
            "url": "https://www.apple.com/support/security/pgp/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-7338"
          },
          {
            "trust": 0.1,
            "url": "https://www.safeye.org)"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0191"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0067"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-5078"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-7040"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-6685"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8151"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3660"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-1912"
          },
          {
            "trust": 0.1,
            "url": "https://rhn.redhat.com/errata/rhsa-2015-2159.html"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-3143"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3148"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-3707"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3143"
          },
          {
            "trust": 0.1,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-3148"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#moderate"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-8150"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0015"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0015"
          },
          {
            "trust": 0.1,
            "url": "http://advisories.mageia.org/mgasa-2015-0020.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0138"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0139"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8150"
          },
          {
            "trust": 0.1,
            "url": "http://advisories.mageia.org/mgasa-2014-0444.html"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0139"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0138"
          },
          {
            "trust": 0.1,
            "url": "http://advisories.mageia.org/mgasa-2014-0153.html"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3707"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/faq"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-71553"
          },
          {
            "db": "VULMON",
            "id": "CVE-2014-3613"
          },
          {
            "db": "BID",
            "id": "69748"
          },
          {
            "db": "PACKETSTORM",
            "id": "128244"
          },
          {
            "db": "PACKETSTORM",
            "id": "133079"
          },
          {
            "db": "PACKETSTORM",
            "id": "134443"
          },
          {
            "db": "PACKETSTORM",
            "id": "131105"
          },
          {
            "db": "PACKETSTORM",
            "id": "128403"
          },
          {
            "db": "PACKETSTORM",
            "id": "128204"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1276"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005511"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-3613"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-71553",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2014-3613",
            "ident": null
          },
          {
            "db": "BID",
            "id": "69748",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "128244",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "133079",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "134443",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "131105",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "128403",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "128204",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1276",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005511",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2014-3613",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2014-11-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-71553",
            "ident": null
          },
          {
            "date": "2014-11-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2014-3613",
            "ident": null
          },
          {
            "date": "2014-09-11T00:00:00",
            "db": "BID",
            "id": "69748",
            "ident": null
          },
          {
            "date": "2014-09-15T17:52:31",
            "db": "PACKETSTORM",
            "id": "128244",
            "ident": null
          },
          {
            "date": "2015-08-13T22:15:27",
            "db": "PACKETSTORM",
            "id": "133079",
            "ident": null
          },
          {
            "date": "2015-11-20T00:41:15",
            "db": "PACKETSTORM",
            "id": "134443",
            "ident": null
          },
          {
            "date": "2015-03-30T21:28:34",
            "db": "PACKETSTORM",
            "id": "131105",
            "ident": null
          },
          {
            "date": "2014-09-25T15:14:15",
            "db": "PACKETSTORM",
            "id": "128403",
            "ident": null
          },
          {
            "date": "2014-09-11T21:05:15",
            "db": "PACKETSTORM",
            "id": "128204",
            "ident": null
          },
          {
            "date": "2014-09-11T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201410-1276",
            "ident": null
          },
          {
            "date": "2014-11-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-005511",
            "ident": null
          },
          {
            "date": "2014-11-18T15:59:00.140000",
            "db": "NVD",
            "id": "CVE-2014-3613",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2018-01-05T00:00:00",
            "db": "VULHUB",
            "id": "VHN-71553",
            "ident": null
          },
          {
            "date": "2018-01-05T00:00:00",
            "db": "VULMON",
            "id": "CVE-2014-3613",
            "ident": null
          },
          {
            "date": "2016-07-05T22:09:00",
            "db": "BID",
            "id": "69748",
            "ident": null
          },
          {
            "date": "2014-11-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201410-1276",
            "ident": null
          },
          {
            "date": "2015-08-31T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-005511",
            "ident": null
          },
          {
            "date": "2025-04-12T10:46:40.837000",
            "db": "NVD",
            "id": "CVE-2014-3613",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1276"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "cURL and  libcurl In  Cookie Vulnerability set",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005511"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "encryption problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1276"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200810-0138

    Vulnerability from variot - Updated: 2026-04-10 23:15

    The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. Authentication is not required to exploit this vulnerability.The specific flaw exists in the Hewlett-Packard Graphics Language filter. CUPS is prone to a remote code-execution vulnerability caused by an error in the 'HP-GL/2 filter. Failed exploit attempts will likely cause a denial-of-service condition. Note that local users may also exploit this vulnerability to elevate privileges. Successful remote exploits may require printer sharing to be enabled on the vulnerable system. The issue affects versions prior to CUPS 1.3.9. NOTE: This issue was previously discussed in BID 31681 (Apple Mac OS X 2008-007 Multiple Security Vulnerabilities), but has been assigned its own record to better document the vulnerability. The security update addresses a total of 11 new vulnerabilities that affect the ColorSync, CUPS, Finder, launchd, Networking, Postfix, PSNormalizer, rlogin, Script Editor, and Weblog components of Mac OS X. The advisory also contains security updates for 30 previously reported issues. An access checking bug in the HP Graphics Language (HPGL) filter could cause arbitrary memory to be overwritten with controlled data. =========================================================== Ubuntu Security Notice USN-656-1 October 15, 2008 cupsys vulnerabilities CVE-2008-1722, CVE-2008-3639, CVE-2008-3640, CVE-2008-3641 ===========================================================

    A security issue affects the following Ubuntu releases:

    Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS

    This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

    The problem can be corrected by upgrading your system to the following package versions:

    Ubuntu 6.06 LTS: cupsys 1.2.2-0ubuntu0.6.06.11

    Ubuntu 7.04: cupsys 1.2.8-0ubuntu8.6

    Ubuntu 7.10: cupsys 1.3.2-1ubuntu7.8

    Ubuntu 8.04 LTS: cupsys 1.3.7-1ubuntu3.1

    In general, a standard system upgrade is sufficient to effect the necessary changes.

    Details follow:

    It was discovered that the SGI image filter in CUPS did not perform proper bounds checking. If a user or automated system were tricked into opening a crafted SGI image, an attacker could cause a denial of service. (CVE-2008-3639)

    It was discovered that the texttops filter in CUPS did not properly validate page metrics. If a user or automated system were tricked into opening a crafted text file, an attacker could cause a denial of service. (CVE-2008-3640)

    It was discovered that the HP-GL filter in CUPS did not properly check for invalid pen parameters. If a user or automated system were tricked into opening a crafted HP-GL or HP-GL/2 file, a remote attacker could cause a denial of service or execute arbitrary code with user privileges. In Ubuntu 7.10 and 8.04 LTS, attackers would be isolated by the AppArmor CUPS profile. (CVE-2008-3641)

    NOTE: The previous update for CUPS on Ubuntu 6.06 LTS did not have the the fix for CVE-2008-1722 applied. This update includes fixes for the problem. We apologize for the inconvenience.

    Updated packages for Ubuntu 6.06 LTS:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11.diff.gz
      Size/MD5:   102981 403c1494b264696702f055fc5cdcc60d
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11.dsc
      Size/MD5:     1052 cc47231c220e8d0e1659cf83d9e08445
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz
      Size/MD5:  4070384 2c99b8aa4c8dc25c8a84f9c06aa52e3e
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.11_all.deb
      Size/MD5:      994 8b094f8389b70e0153d7bbfcd23ed912
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_amd64.deb
      Size/MD5:    36226 ddea26501964356559ee3a11124acd8b
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_amd64.deb
      Size/MD5:    81902 670924b1b9a36db787e3b4cc6a7f1782
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_amd64.deb
      Size/MD5:  2286676 455fe7748b3ab167658bb5b42ef0363a
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_amd64.deb
      Size/MD5:     6086 dc0bd3799366e32503466ba4588fc4df
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_amd64.deb
      Size/MD5:    77226 31e781bf2c8f0f4140799b21b9d0484a
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_amd64.deb
      Size/MD5:    25742 6812b0831f37474b50607e4c6eb83fe5
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_amd64.deb
      Size/MD5:   129960 88a0b954c9f50df6aa37824b3da7041b
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_i386.deb
      Size/MD5:    34768 d04de29dfcca09a4dc70a385e8a0766b
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_i386.deb
      Size/MD5:    77974 efed93511d0ee579706e5cf538378dbd
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_i386.deb
      Size/MD5:  2253974 30ac219c7cd66460df6fa2b76c147ae8
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_i386.deb
      Size/MD5:     6090 648459c3b58ddaf1fc646c8cd476e9f8
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_i386.deb
      Size/MD5:    76350 d044f4fa44a792c81bca198f44687a1e
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_i386.deb
      Size/MD5:    25740 4c97e6e30f95bd3c3a32c761db4f5183
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_i386.deb
      Size/MD5:   122178 7298a6d762d2edbe6fd107656932f32a
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_powerpc.deb
      Size/MD5:    40468 24cf01572a6f790296c1accba097352c
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_powerpc.deb
      Size/MD5:    89528 0172b346d78458df1a6cd91a371b3b67
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_powerpc.deb
      Size/MD5:  2301292 f1a755a88fde554fdabbfb8081a88e52
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_powerpc.deb
      Size/MD5:     6098 f3e962ddc060712ed3ba78bb5625d5e4
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_powerpc.deb
      Size/MD5:    79004 de095980afadd9352e5d7e92600d75b5
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_powerpc.deb
      Size/MD5:    25744 21a4d908ae8de551cda885d4835d69c0
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_powerpc.deb
      Size/MD5:   127932 6e50fa3fa4185c781551e5744331f20b
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_sparc.deb
      Size/MD5:    35392 ede504cfaaf1e068c68b3fa759777098
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_sparc.deb
      Size/MD5:    78712 49f458e339846bcc2eb9ffdc482de5be
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_sparc.deb
      Size/MD5:  2287588 864ab74a020db94ab2acc1283720a05c
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_sparc.deb
      Size/MD5:     6092 58c6f56f79c35af1b0ca47eaeedd7ea3
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_sparc.deb
      Size/MD5:    76262 759f3df1a04440d71ae6634109045bf6
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_sparc.deb
      Size/MD5:    25740 8bbdc7b4842df909bdfb95b96fd9f884
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_sparc.deb
      Size/MD5:   123662 4c4f4a4faae61a0c3901c63fe58bbf26
    

    Updated packages for Ubuntu 7.04:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6.diff.gz
      Size/MD5:   160216 80696d47933857b9665da1492f9a801b
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6.dsc
      Size/MD5:     1143 0dbd641692767f4e2e5b7f390c412a9f
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8.orig.tar.gz
      Size/MD5:  4293194 107affe95fcf1cd4aaed4a5c73f4b91f
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.2.8-0ubuntu8.6_all.deb
      Size/MD5:   926804 41e6c60357740e668198976afcce6bd1
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_amd64.deb
      Size/MD5:    37404 2d7cb4cb3bfeeeb5af3db756f1a0a5be
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_amd64.deb
      Size/MD5:    83230 361cd5ffca4125245798312c3a9c7eaa
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_amd64.deb
      Size/MD5:  1638902 a502a4f981385dcba50ed5b6fc8fe969
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_amd64.deb
      Size/MD5:    56598 a9f413ff725abe42af63312ea6e826e7
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_amd64.deb
      Size/MD5:   104860 7bfc0e70546baa2c98421a9dd7a373e6
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_amd64.deb
      Size/MD5:   144852 9d30fa04e2aa415fb126188aa4d32349
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_amd64.deb
      Size/MD5:   182728 0ed6d4f8c813e2c36bcaa7b7ca98ccad
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_i386.deb
      Size/MD5:    36712 014d51e184b4435a28c1e820455fb0a1
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_i386.deb
      Size/MD5:    80752 4d29ca2e6d3de00e3a10c55c677c8cd6
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_i386.deb
      Size/MD5:  1621450 551c9d7c9836efe7a927a609699976ad
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_i386.deb
      Size/MD5:    55720 b70e3b3a1c86aa782a42fcf1a40ff197
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_i386.deb
      Size/MD5:   104592 ececfa4f50e077d5049116a47cc44965
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_i386.deb
      Size/MD5:   139320 b5c4606316c175feac7dd9a8f78acc56
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_i386.deb
      Size/MD5:   179030 b2bb50b90caac66408739e67ecc9fdb5
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_powerpc.deb
      Size/MD5:    46766 ad2b053736a2165b39f1749b7e3409e0
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_powerpc.deb
      Size/MD5:   101094 bea4c45325710b1e2d5e67dceb7853bb
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_powerpc.deb
      Size/MD5:  1696124 7e3469aa52e2de4e93352e44f7623305
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_powerpc.deb
      Size/MD5:    56398 47755a89a609e4401d70f6adcfcfb9a5
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_powerpc.deb
      Size/MD5:   110478 94a5f78770c410fce9a0c88a187fe9c4
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_powerpc.deb
      Size/MD5:   141178 69f22a6730b291c9df2b0541c07223d6
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_powerpc.deb
      Size/MD5:   188650 634498a8eb5ab4c75eab74e1655234b1
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_sparc.deb
      Size/MD5:    37778 cde58d9fa7d256698ef6ba128b16a799
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_sparc.deb
      Size/MD5:    83740 072c6f65496619d5808c542d3a2ebe97
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_sparc.deb
      Size/MD5:  1659626 a5b6c19a436e9737af44cbaee93d093c
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_sparc.deb
      Size/MD5:    54928 5a8347021b82084600e0d08971cb41a3
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_sparc.deb
      Size/MD5:   104156 ca7b062c097aa7f92a9085615fc3e828
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_sparc.deb
      Size/MD5:   141756 299acfe9e1964d21e7ba2fc3a390ded8
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_sparc.deb
      Size/MD5:   178292 02e3059c98fb42cb83173e0b3a08d469
    

    Updated packages for Ubuntu 7.10:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8.diff.gz
      Size/MD5:   128977 cc7a79b80d0cc2caa8f9c5aea2f9397b
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8.dsc
      Size/MD5:     1218 4f603d11b93e600bd82009983bc88580
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2.orig.tar.gz
      Size/MD5:  4848424 9e3e1dee4d872fdff0682041198d3d73
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.2-1ubuntu7.8_all.deb
      Size/MD5:  1080404 6419c157fd22fcfb2e1563ccced2fcae
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_amd64.deb
      Size/MD5:    37204 88b05a4cbb9f5714951edade3dd0609b
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_amd64.deb
      Size/MD5:    89506 cb352043a1985e24614dc27ffa5ded01
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_amd64.deb
      Size/MD5:  2034890 3a2c4daded2923691da8fe3f60d93f3e
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_amd64.deb
      Size/MD5:    60020 5007c193bb8416754a9d7e7ad09c4808
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_amd64.deb
      Size/MD5:    46884 9a2fd628887a01cc2fcb49131ec8ed0f
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_amd64.deb
      Size/MD5:   152014 7a9debd353faa26803f0e8707a97697a
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_amd64.deb
      Size/MD5:   186418 13e510e27e1025732d203a933ded8ade
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_i386.deb
      Size/MD5:    36486 05cb382029ccb2285530af9de662b686
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_i386.deb
      Size/MD5:    86494 80b08f6080ed3c46e4fc954da05d9e6d
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_i386.deb
      Size/MD5:  2018384 16b0a7b694a38e4616fce6415116a7e9
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_i386.deb
      Size/MD5:    58882 8572d274d06e1a650d2d5199ea5dcf6f
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_i386.deb
      Size/MD5:    46280 158a4aef965ef1c697c5c7aef53f9e90
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_i386.deb
      Size/MD5:   145692 36b5af34074b13e44e2d2ae5f76fa6fc
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_i386.deb
      Size/MD5:   183190 fe12de8de5a779538844e2aecd5ccedb
    

    lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_lpia.deb
      Size/MD5:    36570 f73b632b59630a2727e45be083730c23
    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_lpia.deb
      Size/MD5:    88054 07cfc2fdf8615471278b10550f713a3e
    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_lpia.deb
      Size/MD5:  2020696 d97dab5d5a099884f7bca77dd118233a
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_lpia.deb
      Size/MD5:    59624 d582e3100eaf68e9b10585ca6ce0a078
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_lpia.deb
      Size/MD5:    47662 a2e2c5cc101d720249efd108b1a724ca
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_lpia.deb
      Size/MD5:   142426 8e91390ca3bb0bd98ab7a43017e38a90
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_lpia.deb
      Size/MD5:   181382 0806d0e1be2fdb48b873ea977107b759
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_powerpc.deb
      Size/MD5:    46502 1f2a7db4dd6dfc7910a9c84f28425537
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_powerpc.deb
      Size/MD5:   107736 9a34baee6e8356d911d637e52fcb0747
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_powerpc.deb
      Size/MD5:  2099614 b0f8237ccff1e54e070645e79e085794
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_powerpc.deb
      Size/MD5:    59494 c3c1a6f415dacee7b5f0e63e0f83ca6c
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_powerpc.deb
      Size/MD5:    51856 91fcaca5686ce2070e654699b60514f4
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_powerpc.deb
      Size/MD5:   146952 205fedd96bd614314b2e9ecb18e78f53
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_powerpc.deb
      Size/MD5:   192204 0033c62b251a505fb7d80b5b8c96f6b6
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_sparc.deb
      Size/MD5:    37558 f568ceabe0e419d263b75a5c852eb10a
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_sparc.deb
      Size/MD5:    89606 d916d0d9478082000a0f698347613387
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_sparc.deb
      Size/MD5:  2061026 a1b9da985d3d0211790f170443e74ac9
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_sparc.deb
      Size/MD5:    58098 dc5d816068b451c8926dd06a25e1715b
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_sparc.deb
      Size/MD5:    45572 9976f70a905893735ee445cca7ecda7f
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_sparc.deb
      Size/MD5:   148486 48954d641e131708913530887d28c064
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_sparc.deb
      Size/MD5:   182218 074755797d588b92f7030c0a9562cb67
    

    Updated packages for Ubuntu 8.04 LTS:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1.diff.gz
      Size/MD5:   133549 8146f7a668701caad4379707ccedf538
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1.dsc
      Size/MD5:     1433 de3ffa5e20bdbc0bd61cf543cc2d351f
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7.orig.tar.gz
      Size/MD5:  4700333 383e556d9841475847da6076c88da467
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.7-1ubuntu3.1_all.deb
      Size/MD5:  1143834 7230e79bb0d6a1435f3ce0de114e1ad3
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_amd64.deb
      Size/MD5:    37530 0362fc9c1260486e4d1dcccca8dc60a3
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_amd64.deb
      Size/MD5:    89982 9a1ac844025f66fb85357e1807256331
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_amd64.deb
      Size/MD5:  1880646 233fbeadff826a6b6f22347559fe8bf5
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_amd64.deb
      Size/MD5:    60892 98a65443be4d97fb1de2f8580dd67e40
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_amd64.deb
      Size/MD5:    50356 89ca2e97385912ebf2ffe8a0871610d5
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_amd64.deb
      Size/MD5:   344926 631f297ea0a13321c61ee211d65fceab
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_amd64.deb
      Size/MD5:   177500 8dd137567dbc9644bda3b0a799cb2f6a
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_i386.deb
      Size/MD5:    36952 deba752b21bdf04393626cf35ebb79eb
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_i386.deb
      Size/MD5:    88408 2e76b5856bde6afe82da9a6b03a98026
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_i386.deb
      Size/MD5:  1862954 aaa0817cb6b67729276e799275ad3346
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_i386.deb
      Size/MD5:    60090 b37d935af9661002730cd5cb2b3f11d3
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_i386.deb
      Size/MD5:    49838 a1d85e18616340eed3778b5286890c08
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_i386.deb
      Size/MD5:   339344 f3d29993795e7172667356c8d255f296
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_i386.deb
      Size/MD5:   174354 b1d7b741729749c6a3249fbcd0babe56
    

    lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_lpia.deb
      Size/MD5:    36676 c46beddd8f227e1ee0b1c9a80d41b19a
    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_lpia.deb
      Size/MD5:    88734 c8b70c2665734c45caa22ae41f60b486
    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_lpia.deb
      Size/MD5:  1865262 27de39c2fbe2471f11b7756b5bc02cc3
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_lpia.deb
      Size/MD5:    60540 b54c6711e74c55777f0e509f642c42f0
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_lpia.deb
      Size/MD5:    50860 64989632d1f49f5d25209bb9a68809d5
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_lpia.deb
      Size/MD5:   337020 ca60ea21ad93aca447e1ae04e0ad818f
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_lpia.deb
      Size/MD5:   173276 6e0af5026f452171993817fbd6e6b4e7
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_powerpc.deb
      Size/MD5:    46932 d8e051bd4e95f28090036d7087437127
    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_powerpc.deb
      Size/MD5:   110808 44e0741ccd8b9edab092b835c6831aca
    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_powerpc.deb
      Size/MD5:  1949134 0facca356ce9e5ffdacffde23d0713e3
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_powerpc.deb
      Size/MD5:    59924 367a29bd4545906374eb27c511d33658
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_powerpc.deb
      Size/MD5:    54940 d762741ddd48f75e0e54ffd0efc45645
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_powerpc.deb
      Size/MD5:   341670 0958081b22a680ccf1f30abc36c06054
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_powerpc.deb
      Size/MD5:   183238 e303094f36fcc1af0ac40321411bd90a
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_sparc.deb
      Size/MD5:    38028 a8ee904a732a7392314b9b4f2faf5557
    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_sparc.deb
      Size/MD5:    91034 832edccd7ed2eec51759bbcce97536b1
    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_sparc.deb
      Size/MD5:  1897904 31192c6d2b5a6dca4eaf065c541795fc
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_sparc.deb
      Size/MD5:    57856 398dadf7e1ee5075e4d3e2a4766b4580
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_sparc.deb
      Size/MD5:    48242 cc45265b41fd932d084a6bce9888e67f
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_sparc.deb
      Size/MD5:   341388 9411fb065604b882530faf47a0a85d4e
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_sparc.deb
      Size/MD5:   173184 4a5e9e3508932262eefe3b08f94019d0
    

    . ZDI-08-067: Apple CUPS 1.3.7 (HP-GL/2 filter) Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-067 October 9, 2008

    -- CVE ID: CVE-2008-3641

    -- Affected Vendors: Apple

    -- Affected Products: Apple OS X

    -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 6325.

    -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at:

    http://support.apple.com/kb/HT3216

    -- Disclosure Timeline: 2008-08-19 - Vulnerability reported to vendor 2008-10-09 - Coordinated public release of advisory

    -- Credit: This vulnerability was discovered by: * regenrecht

    -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.

    Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:

    http://www.zerodayinitiative.com
    

    The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.

    Our vulnerability disclosure policy is available online at:

    http://www.zerodayinitiative.com/advisories/disclosure_policy/
    

    CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is being sent by 3Com for the sole use of the intended recipient(s) and may contain confidential, proprietary and/or privileged information. Any unauthorized review, use, disclosure and/or distribution by any recipient is prohibited. If you are not the intended recipient, please delete and/or destroy all copies of this message regardless of form and any included attachments and notify 3Com immediately by contacting the sender via reply e-mail or forwarding to 3Com at postmaster@3com.com.


    Bist Du interessiert an einem neuen Job in IT-Sicherheit?

    Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/


    TITLE: Nucleus XML-RPC PHP Code Execution Vulnerability

    SECUNIA ADVISORY ID: SA15895

    VERIFY ADVISORY: http://secunia.com/advisories/15895/

    CRITICAL: Highly critical

    IMPACT: System access

    WHERE:

    From remote

    SOFTWARE: Nucleus 3.x http://secunia.com/product/3699/

    DESCRIPTION: A vulnerability has been reported in Nucleus, which can be exploited by malicious people to compromise a vulnerable system. http://sourceforge.net/project/showfiles.php?group_id=66479

    OTHER REFERENCES: SA15852: http://secunia.com/advisories/15852/


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    .

    CVE-2008-3640

    It was discovered that an integer overflow in the Postscript
    conversion tool "texttops" may lead to the execution of arbitrary
    code.
    

    For the stable distribution (etch), these problems have been fixed in version 1.2.7-4etch5.

    For the unstable distribution (sid) and the upcoming stable distribution (lenny), these problems have been fixed in version 1.3.8-1lenny2 of the source package cups.

    We recommend that you upgrade your cupsys package.

    Upgrade instructions


    wget url will fetch the file for you dpkg -i file.deb will install the referenced file.

    If you are using the apt-get package manager, use the line for sources.list as given below:

    apt-get update will update the internal database apt-get upgrade will install corrected packages

    You may use an automated update by adding the resources from the footer to the proper configuration.

    Debian GNU/Linux 4.0 alias etch


    Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

    Source archives:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7.orig.tar.gz Size/MD5 checksum: 4214272 c9ba33356e5bb93efbcf77b6e142e498 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5.diff.gz Size/MD5 checksum: 108662 eab5aa097eaf3e802b4c6f1c60da9a03 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5.dsc Size/MD5 checksum: 1084 5fc7ea9d5c6434a9f2a45e3d7652b0fe

    Architecture independent packages:

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-common_1.2.7-4etch5_all.deb Size/MD5 checksum: 893832 0e7571a4a56cef8f099ba9300ed7330d http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4etch5_all.deb Size/MD5 checksum: 46072 63a75f9fe31312a42725a786164f7762

    alpha architecture (DEC Alpha)

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 39310 8dad5588b86a4e1191025015d8e0c5be http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 1092376 35c1cd14d3f26fefafbebf1a76983740 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 85906 1d07dcf128e7b78992560b2794be29d4 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 183726 06377f48f1ee358c494f30f9ab213e6b http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 1614540 e87b439635e9b7f7c1fa1c6db2f7291c http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 95570 8638b199a8adb989254cbe88ab11bb7d http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 175262 08dbbe7e941af9c28f39107f907c618a http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_alpha.deb Size/MD5 checksum: 72690 1c099120f9fdcb334d8699b6238c0883

    amd64 architecture (AMD x86_64 (AMD64))

    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 142538 4f9183a690ac21a220771db117b1bcea http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 162520 f04bafe61b0e06d21b67441916a4df2a http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 36356 eea9b0c14ac248313264474f4a103478 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 53022 f864e06d82bd0769e7c73d20aa6c3366 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 80708 9e8a7d08f6762753005bc2ac7ac04db7 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 86264 3784680669a08745d6c766213e3d60f3 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 1576062 c5f275763d3cd0bec5e448965780ea0b http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_amd64.deb Size/MD5 checksum: 1088040 106654a5c5a746e5bd1043ca4309deae

    arm architecture (ARM)

    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_arm.deb Size/MD5 checksum: 132042 b1da3e68e04c68712a7f2ecebbea59d3 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_arm.deb Size/MD5 checksum: 1026238 e776ce47912d97de7758029cddf18c41 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_arm.deb Size/MD5 checksum: 155174 2203ae0043e540bb4c083c3f302294a9 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_arm.deb Size/MD5 checksum: 78908 a60d8486ab41fe7064d84fdf1c057ce5 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_arm.deb Size/MD5 checksum: 48742 9c6f61fb9c5af3f1496c249eb79542ce http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_arm.deb Size/MD5 checksum: 1569620 943fdc257cdf387c1a161adff88623bd http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_arm.deb Size/MD5 checksum: 85468 3e9d699071d741d86c5e2fbcc91a5241 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_arm.deb Size/MD5 checksum: 35940 0bb609f5c990c932c0fed843bb659062

    hppa architecture (HP PA RISC)

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 84800 df6569c3eaad919b7f7768a75277838f http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 91988 08040e0dcc8cc99298d40aa370be50cc http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 1624214 e5d55a0aeacee0d85d7899018725b3d3 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 153956 e11bfd3cb812f0892238a676a3453967 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 171790 5b483d2f739ed456d94cf28047b2b2f5 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 39548 181a14e58af274287bf02f8a758b70b5 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 57398 715a6f4bb1b68b8a384a85ac384de668 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_hppa.deb Size/MD5 checksum: 1032836 e1d9158ff6134678b976331566db0076

    i386 architecture (Intel ia32)

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_i386.deb Size/MD5 checksum: 999302 2ccf6ae0ef6f3d3dd56e484ba2199313 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_i386.deb Size/MD5 checksum: 160638 f22f7da23cd3dea82d49cc9900d62512 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_i386.deb Size/MD5 checksum: 138276 392028f61da2c29dcab1ffe3b4fe072f http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_i386.deb Size/MD5 checksum: 1548856 e1e04e47f556586eb83aff005d4870d2 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_i386.deb Size/MD5 checksum: 36474 9bea3cd926f04da508b6a714f0a1daac http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_i386.deb Size/MD5 checksum: 86776 f3188eafaa1bd01a7b92d9403aab03a1 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_i386.deb Size/MD5 checksum: 79878 ba1ed2b707101da54b3990b33ee1d877 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_i386.deb Size/MD5 checksum: 53276 346cdebc7980089b28610ceb30f65519

    ia64 architecture (Intel ia64)

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 106226 829b2e5f435c8fb5eee03513654ee12f http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 106998 08fcec24b8c165542d986a1fd174ddd3 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 46336 32d29b5c2986070f5d5b909864952dc3 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 1771030 e7b261b4627ee20a3083a4f18a382e24 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 192370 576e218a37e677170e9201946f24da5a http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 1108310 bdee8fbcfd10ba2847ab81ced8e9cc73 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 204232 d5eb2138a8584813643dfe4e39d2fefb http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_ia64.deb Size/MD5 checksum: 74224 846a87584f78285569aee9c037b677d9

    mipsel architecture (MIPS (Little Endian))

    http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 158560 74bc73b9eb3c7494ce762f7beb9ab4cd http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 1553460 cd35f3de34290840be09b1b10729d7b3 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 150900 150e5405933cef2a8cf9147d88c9a4fb http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 57860 2b7cdd4399e2893d2df0b5568d766239 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 86996 d4776eace76cb37f72557a44d053a677 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 1085494 429194a44228d669ecfa2acdeadf55e6 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 36058 f28b3f705fd293fc82a256d571119452 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_mipsel.deb Size/MD5 checksum: 77448 4a9be71b3fc25253b1e77c2594e7f508

    powerpc architecture (PowerPC)

    http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 51880 d1b872415002b54aba1ef54833cd5564 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 90008 fe2be6aba034693532a01b653781f501 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 1576600 d954a84710f9671d34eca72922f8d1d8 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 136868 ee633edb72a9d6d74481d9fe17d887d5 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 1143388 320529a907596704df487d89978e1948 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 41296 8e0fed6ae1645411f4daa52842ead589 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 163206 d0fc59550e27b346adb422e4d82cecaf http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_powerpc.deb Size/MD5 checksum: 88476 dfe47fbfeef0a714d6397ec9467165af

    s390 architecture (IBM S/390)

    http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_s390.deb Size/MD5 checksum: 1037260 a151e36916ffd7eae88e6b82cc0c08d7 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_s390.deb Size/MD5 checksum: 37420 b095022e25c603ee57748795c4ec423b http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_s390.deb Size/MD5 checksum: 82338 3417e5562b6aa064ab5d3d11f15a69fb http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_s390.deb Size/MD5 checksum: 87928 6eea10e5b223fbd5f5a8d524bb03ab8e http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_s390.deb Size/MD5 checksum: 1587330 8b66abd7e3156f3beeaa27fbd971cbde http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_s390.deb Size/MD5 checksum: 166710 10f172f4c48ab9981d7c48564a2142a4 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_s390.deb Size/MD5 checksum: 144932 3955c00c6293f7aec0a7cb9edb28a16d http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_s390.deb Size/MD5 checksum: 52524 b4e639621d58f91a8ec32043534c008f

    sparc architecture (Sun SPARC/UltraSPARC)

    http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 51826 8e3613f9041774f1dd42586782780fb5 http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 159434 d2352f19b51feab43fc17b5e3f17bb2b http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 138734 8b53d144485267cb99ec8a32262446e8 http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 1577758 748b77d9e54a363d46cd61548e72df7c http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 996834 0ad8037cbb3959581a0aeb29eb84a853 http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 85790 16bf4ce2378a68fc9b0ce4052e463e5d http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 36062 426fe5dbac939828393d99e561abf0e3 http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_sparc.deb Size/MD5 checksum: 78608 f469105c5d9f121c333d5e4ac315c7be

    These files will probably be moved into the stable distribution on its next update.


    For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)

    iEYEARECAAYFAkj8vewACgkQXm3vHE4uylo3VQCfe5/oLteemHII7TUL80ybcnZd REIAn1hdR3STx867KCMafAi58O1fia05 =T/kw -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


    Mandriva Linux Security Advisory MDVSA-2008:211 http://www.mandriva.com/security/


    Package : cups Date : October 10, 2008 Affected: 2007.1, 2008.0, 2008.1, 2009.0, Corporate 3.0, Corporate 4.0


    Problem Description:

    A buffer overflow in the SGI image format decoding routines used by the CUPS image converting filter imagetops was discovered.

    An integer overflow flaw leading to a heap buffer overflow was found in the Text-to-PostScript texttops filter.

    Finally, an insufficient buffer bounds checking flaw was found in the HP-GL/2-to-PostScript hpgltops filter.

    The updated packages have been patched to prevent this issue; for Mandriva Linux 2009.0 the latest CUPS version (1.3.9) is provided that corrects these issues and also provides other bug fixes.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641


    Updated Packages:

    Mandriva Linux 2007.1: d8041b477aac8897e465fd7885c4f046 2007.1/i586/cups-1.2.10-2.8mdv2007.1.i586.rpm 85169e175683eee33f38c3dc6dca555d 2007.1/i586/cups-common-1.2.10-2.8mdv2007.1.i586.rpm 3838db5f9b5313587335232f4bdfadb7 2007.1/i586/cups-serial-1.2.10-2.8mdv2007.1.i586.rpm 4dac70286d0aaa55d0c585c4e485f4d6 2007.1/i586/libcups2-1.2.10-2.8mdv2007.1.i586.rpm 2647b541d7a80ea194d6cc4983342e14 2007.1/i586/libcups2-devel-1.2.10-2.8mdv2007.1.i586.rpm 5bf9cba238150a77016869b2b600e0bd 2007.1/i586/php-cups-1.2.10-2.8mdv2007.1.i586.rpm 3762b10d3a6b962ec6932856d635a119 2007.1/SRPMS/cups-1.2.10-2.8mdv2007.1.src.rpm

    Mandriva Linux 2007.1/X86_64: 27098b09dc01c70600c55572cb928422 2007.1/x86_64/cups-1.2.10-2.8mdv2007.1.x86_64.rpm fbd01859759af3a2e32244cfff7aaa33 2007.1/x86_64/cups-common-1.2.10-2.8mdv2007.1.x86_64.rpm 4197004f7a59cc90d8d51f8ff34e2997 2007.1/x86_64/cups-serial-1.2.10-2.8mdv2007.1.x86_64.rpm 6cc45d922f07d379db0de2e08eb1589e 2007.1/x86_64/lib64cups2-1.2.10-2.8mdv2007.1.x86_64.rpm d7443db8a26f27b41c32c95dee129437 2007.1/x86_64/lib64cups2-devel-1.2.10-2.8mdv2007.1.x86_64.rpm eca467e20954fea23fd050ee41d2ca4a 2007.1/x86_64/php-cups-1.2.10-2.8mdv2007.1.x86_64.rpm 3762b10d3a6b962ec6932856d635a119 2007.1/SRPMS/cups-1.2.10-2.8mdv2007.1.src.rpm

    Mandriva Linux 2008.0: 837c0714eef677dfcdb1befc56012db5 2008.0/i586/cups-1.3.6-1.3mdv2008.0.i586.rpm cb8d17edacf1dc1dc5915fbb35745d9a 2008.0/i586/cups-common-1.3.6-1.3mdv2008.0.i586.rpm 635eb3405a6b5a4b93ca6373207093df 2008.0/i586/cups-serial-1.3.6-1.3mdv2008.0.i586.rpm 59939c1a2a730a0887750bafb4cabee1 2008.0/i586/libcups2-1.3.6-1.3mdv2008.0.i586.rpm 6183d24df353f4e8082374951636a657 2008.0/i586/libcups2-devel-1.3.6-1.3mdv2008.0.i586.rpm 0f1df17bf9cc86bb607ef28d4b29c6b2 2008.0/i586/php-cups-1.3.6-1.3mdv2008.0.i586.rpm 68ac87937182de901cece9b93ba700fa 2008.0/SRPMS/cups-1.3.6-1.3mdv2008.0.src.rpm

    Mandriva Linux 2008.0/X86_64: 5b73d5bfebbc66f8a56922c7b943f351 2008.0/x86_64/cups-1.3.6-1.3mdv2008.0.x86_64.rpm a41d07d80c38b30ee5357b25f7b828ab 2008.0/x86_64/cups-common-1.3.6-1.3mdv2008.0.x86_64.rpm 34d6d4eb79b1ee5a9235843398301646 2008.0/x86_64/cups-serial-1.3.6-1.3mdv2008.0.x86_64.rpm 3157dcaafb55463d8ad149d99e4d0c55 2008.0/x86_64/lib64cups2-1.3.6-1.3mdv2008.0.x86_64.rpm 78b5f7fcedbbbef9c2318977b5f50264 2008.0/x86_64/lib64cups2-devel-1.3.6-1.3mdv2008.0.x86_64.rpm 082094f0923f72890f6dbb47eb9072b4 2008.0/x86_64/php-cups-1.3.6-1.3mdv2008.0.x86_64.rpm 68ac87937182de901cece9b93ba700fa 2008.0/SRPMS/cups-1.3.6-1.3mdv2008.0.src.rpm

    Mandriva Linux 2008.1: c22f4c131005e05768b0c45e931015c7 2008.1/i586/cups-1.3.6-5.2mdv2008.1.i586.rpm 8f1ad7b01f0d48aa920cb2378f5fce0a 2008.1/i586/cups-common-1.3.6-5.2mdv2008.1.i586.rpm 763dfee5def4727b34769298beb5c9fe 2008.1/i586/cups-serial-1.3.6-5.2mdv2008.1.i586.rpm dadd48446b97869372535fb2ef02a471 2008.1/i586/libcups2-1.3.6-5.2mdv2008.1.i586.rpm cf48ae8c17120d7d83b638f432620797 2008.1/i586/libcups2-devel-1.3.6-5.2mdv2008.1.i586.rpm 33d7dcb6b32e58bc38e847f827447b54 2008.1/i586/php-cups-1.3.6-5.2mdv2008.1.i586.rpm 25997a30a1fbc24e4a1a5017d15ac526 2008.1/SRPMS/cups-1.3.6-5.2mdv2008.1.src.rpm

    Mandriva Linux 2008.1/X86_64: 3804ff0deea819d375cdee86b1d98bf4 2008.1/x86_64/cups-1.3.6-5.2mdv2008.1.x86_64.rpm 9f8550ffbb7778636b18c33c6854e163 2008.1/x86_64/cups-common-1.3.6-5.2mdv2008.1.x86_64.rpm 077652b9f481f72873b6e94a0f54fe17 2008.1/x86_64/cups-serial-1.3.6-5.2mdv2008.1.x86_64.rpm 569bcdcf971b564d3ad3cec8b6281fec 2008.1/x86_64/lib64cups2-1.3.6-5.2mdv2008.1.x86_64.rpm 05ce67f5f2bf9f27b69963bbc0ba3f6e 2008.1/x86_64/lib64cups2-devel-1.3.6-5.2mdv2008.1.x86_64.rpm 8a48fbfa84679702c496744f394ac4f6 2008.1/x86_64/php-cups-1.3.6-5.2mdv2008.1.x86_64.rpm 25997a30a1fbc24e4a1a5017d15ac526 2008.1/SRPMS/cups-1.3.6-5.2mdv2008.1.src.rpm

    Mandriva Linux 2009.0: 3480a3533f163c8559254c7dc7dccca4 2009.0/i586/cups-1.3.9-0.1mdv2009.0.i586.rpm 2eda3ae527a0d6477bf2f52f57f37297 2009.0/i586/cups-common-1.3.9-0.1mdv2009.0.i586.rpm 1b0849a0dcd6cc52debfdc23ca347e60 2009.0/i586/cups-serial-1.3.9-0.1mdv2009.0.i586.rpm 9ef6a24d1e8155bea9e7e148252dc4e7 2009.0/i586/libcups2-1.3.9-0.1mdv2009.0.i586.rpm 2a8be000df9a71f506a039e58faaf1b4 2009.0/i586/libcups2-devel-1.3.9-0.1mdv2009.0.i586.rpm 7f04461fd982b387144f73612b3cbd86 2009.0/i586/php-cups-1.3.9-0.1mdv2009.0.i586.rpm 1c16860c6f7af958cb6744dd60ffd63e 2009.0/SRPMS/cups-1.3.9-0.1mdv2009.0.src.rpm

    Mandriva Linux 2009.0/X86_64: 926221e97b7c4c52562468b26066f049 2009.0/x86_64/cups-1.3.9-0.1mdv2009.0.x86_64.rpm 96abb10e235084a80cd17c79cc31a360 2009.0/x86_64/cups-common-1.3.9-0.1mdv2009.0.x86_64.rpm cb817300fa6d8c9b40a0f8a01572d691 2009.0/x86_64/cups-serial-1.3.9-0.1mdv2009.0.x86_64.rpm d56cea0645b26b668f9b8a66f2dc090f 2009.0/x86_64/lib64cups2-1.3.9-0.1mdv2009.0.x86_64.rpm f4a04369ad8d202d87ea49a3da4ab67c 2009.0/x86_64/lib64cups2-devel-1.3.9-0.1mdv2009.0.x86_64.rpm 85124180f179ae504ad2f27ef814683d 2009.0/x86_64/php-cups-1.3.9-0.1mdv2009.0.x86_64.rpm 1c16860c6f7af958cb6744dd60ffd63e 2009.0/SRPMS/cups-1.3.9-0.1mdv2009.0.src.rpm

    Corporate 3.0: d235e680a70a94ce2c32a556a1fea6d5 corporate/3.0/i586/cups-1.1.20-5.19.C30mdk.i586.rpm eccffd52489f0aca14a11b6b88a5c59f corporate/3.0/i586/cups-common-1.1.20-5.19.C30mdk.i586.rpm 743aad40e707a1c6ec8de19e6ba19668 corporate/3.0/i586/cups-serial-1.1.20-5.19.C30mdk.i586.rpm 931bd82e26396ef7109369893e8fb740 corporate/3.0/i586/libcups2-1.1.20-5.19.C30mdk.i586.rpm 007b156ceb1f78c107a05bba499f544d corporate/3.0/i586/libcups2-devel-1.1.20-5.19.C30mdk.i586.rpm 685d93ef91df7b10faefae3d9c8a2e20 corporate/3.0/SRPMS/cups-1.1.20-5.19.C30mdk.src.rpm

    Corporate 3.0/X86_64: c57219da87ef50832e74efbfd3471f64 corporate/3.0/x86_64/cups-1.1.20-5.19.C30mdk.x86_64.rpm 6f9772a800e70f1e3766d76de8dcf6e3 corporate/3.0/x86_64/cups-common-1.1.20-5.19.C30mdk.x86_64.rpm e1221063527caed05a6e94f9cebed9ab corporate/3.0/x86_64/cups-serial-1.1.20-5.19.C30mdk.x86_64.rpm a0b15b24cfc995a7a769c1e87d53a696 corporate/3.0/x86_64/lib64cups2-1.1.20-5.19.C30mdk.x86_64.rpm aaabff95ac9a30ff1d9ce224612bcb50 corporate/3.0/x86_64/lib64cups2-devel-1.1.20-5.19.C30mdk.x86_64.rpm 685d93ef91df7b10faefae3d9c8a2e20 corporate/3.0/SRPMS/cups-1.1.20-5.19.C30mdk.src.rpm

    Corporate 4.0: 56f3e394ac8e4b4e7d423c7989d2e6af corporate/4.0/i586/cups-1.2.4-0.10.20060mlcs4.i586.rpm dcb4425723e63a2d094305cde05890f3 corporate/4.0/i586/cups-common-1.2.4-0.10.20060mlcs4.i586.rpm 348427ebb4f1f1f530c3c129850de957 corporate/4.0/i586/cups-serial-1.2.4-0.10.20060mlcs4.i586.rpm d0a8052949416c5ba260b48596cbf415 corporate/4.0/i586/libcups2-1.2.4-0.10.20060mlcs4.i586.rpm ab7637abe249e4369cf39d37113ba37f corporate/4.0/i586/libcups2-devel-1.2.4-0.10.20060mlcs4.i586.rpm 86af12b21de1212e72286e9b2db23caa corporate/4.0/i586/php-cups-1.2.4-0.10.20060mlcs4.i586.rpm 5a7d0a19238e8b654821bb87355f9f27 corporate/4.0/SRPMS/cups-1.2.4-0.10.20060mlcs4.src.rpm

    Corporate 4.0/X86_64: 59784628a2385248e8d71c1476773071 corporate/4.0/x86_64/cups-1.2.4-0.10.20060mlcs4.x86_64.rpm a7933ad29b9a77973fcf7feb02c381b9 corporate/4.0/x86_64/cups-common-1.2.4-0.10.20060mlcs4.x86_64.rpm 26da08a5da63053f418e47792cf26280 corporate/4.0/x86_64/cups-serial-1.2.4-0.10.20060mlcs4.x86_64.rpm 0614662f2661171ade097e562a94c635 corporate/4.0/x86_64/lib64cups2-1.2.4-0.10.20060mlcs4.x86_64.rpm a899db16ce3db8ec71aaef67a6650616 corporate/4.0/x86_64/lib64cups2-devel-1.2.4-0.10.20060mlcs4.x86_64.rpm 9e3dc91c4390d7ba60ca26dcc095b8d8 corporate/4.0/x86_64/php-cups-1.2.4-0.10.20060mlcs4.x86_64.rpm 5a7d0a19238e8b654821bb87355f9f27 corporate/4.0/SRPMS/cups-1.2.4-0.10.20060mlcs4.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

    gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

    You can view other update advisories for Mandriva Linux at:

    http://www.mandriva.com/security/advisories

    If you want to report vulnerabilities, please contact

    security_(at)_mandriva.com


    Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)

    iD8DBQFI8DeJmqjQ0CJFipgRAmbxAKCxSRvJTtancZ/puQkgifGbRQnZIQCg6Bum EnuxPIlaIiQWBIjMSk4WWoo= =aMXC -----END PGP SIGNATURE-----


    Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200812-11


                                              http://security.gentoo.org/
    

    Severity: High
       Title: CUPS: Multiple vulnerabilities
        Date: December 10, 2008
        Bugs: #238976, #249727
          ID: 200812-11
    

    Synopsis

    Several remotely exploitable bugs have been found in CUPS, which allow remote execution of arbitrary code.

    Background

    CUPS is the Common Unix Printing System.

    Affected packages

      -------------------------------------------------------------------
       Package         /  Vulnerable  /                       Unaffected
      -------------------------------------------------------------------
    1  net-print/cups     < 1.3.9-r1                         >= 1.3.9-r1
    

    Description

    Several buffer overflows were found in:

    • The read_rle16 function in imagetops (CVE-2008-3639, found by regenrecht, reported via ZDI)

    • The WriteProlog function in texttops (CVE-2008-3640, found by regenrecht, reported via ZDI)

    • The Hewlett-Packard Graphics Language (HPGL) filter (CVE-2008-3641, found by regenrecht, reported via iDefense)

    • The _cupsImageReadPNG function (CVE-2008-5286, reported by iljavs)

    Impact

    A remote attacker could send specially crafted input to a vulnerable server, resulting in the remote execution of arbitrary code with the privileges of the user running the server.

    Workaround

    None this time.

    Resolution

    All CUPS users should upgrade to the latest version.

      # emerge --sync
      # emerge --ask --oneshot --verbose ">=net-print/cups-1.3.9-r1"
    

    References

    [ 1 ] CVE-2008-3639
          http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639
    [ 2 ] CVE-2008-3640
          http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640
    [ 3 ] CVE-2008-3641
          http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641
    [ 4 ] CVE-2008-5286
          http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5286
    

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-200812-11.xml
    

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

    License

    Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "1.1.15"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "1.1.13"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "1.1.14"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "1.1.19"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "1.1.16"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "1.3"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "1.1.18"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "1.1.11"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "1.1.17"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "1.1.12"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.10-1"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.20"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.3.5"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.7"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.5"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.2.5"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.9"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.6-3"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.2.12"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.10"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.9-1"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.2.11"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.2.3"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.3.6"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.5-2"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.4"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.21"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.1"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.2.0"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.3.3"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.2.8"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.2"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.2.6"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.3.4"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.3"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.6-2"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.3.8"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.2.7"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.3.0"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.3.7"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.5-1"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.6-1"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.3.2"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.2.4"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.23"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.2.10"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.2"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.2.1"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.2.9"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.22"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.6"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "drupal",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mandriva",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "pear xml rpc",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "phpxmlrpc",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "postnuke",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "serendipity",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "trustix secure linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ubuntu linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "wordpress",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "xoops",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "phpmyfaq",
            "version": null
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "cups",
            "version": "1.3.9"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.4.11"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5.5"
          },
          {
            "_id": null,
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.4.11"
          },
          {
            "_id": null,
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5.5"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3 (x86)"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3 (x86-64)"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3.0 (x86-64)"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "4.0 (x86-64)"
          },
          {
            "_id": null,
            "model": "turbolinux appliance server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "1.0 (hosting)"
          },
          {
            "_id": null,
            "model": "turbolinux appliance server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "1.0 (workgroup)"
          },
          {
            "_id": null,
            "model": "turbolinux appliance server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "turbolinux appliance server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "turbolinux appliance server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "3.0 (x64)"
          },
          {
            "_id": null,
            "model": "turbolinux client",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "2008"
          },
          {
            "_id": null,
            "model": "turbolinux fuji",
            "scope": null,
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": null
          },
          {
            "_id": null,
            "model": "turbolinux multimedia",
            "scope": null,
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": null
          },
          {
            "_id": null,
            "model": "turbolinux personal",
            "scope": null,
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": null
          },
          {
            "_id": null,
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "10"
          },
          {
            "_id": null,
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "10 (x64)"
          },
          {
            "_id": null,
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "11"
          },
          {
            "_id": null,
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "11 (x64)"
          },
          {
            "_id": null,
            "model": "wizpy",
            "scope": null,
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (as)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (es)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (ws)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (as)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (es)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (ws)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (server)"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5.0 (client)"
          },
          {
            "_id": null,
            "model": "rhel desktop workstation",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (client)"
          },
          {
            "_id": null,
            "model": "os x",
            "scope": null,
            "trust": 0.7,
            "vendor": "apple",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.5"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.4"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.6"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.9"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.7"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.2"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.3"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.5"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.4"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.6"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.9"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.7"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.3"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.10"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 95",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.4"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "11x64"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.21"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 93",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "1"
          },
          {
            "_id": null,
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "appliance server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "11"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.4-5"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.3.5"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pardus",
            "version": "20080"
          },
          {
            "_id": null,
            "model": "personal",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.4-2"
          },
          {
            "_id": null,
            "model": "appliance server hosting edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.14"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.04"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.15"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2007.1"
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.04"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.2.10"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 101a",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 99",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.13"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "linux enterprise server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "messaging storage server mm3.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 87",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 88",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.0"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.1"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "appliance server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "software products cups rc5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.19"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2007.1"
          },
          {
            "_id": null,
            "model": "linux lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 100",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.0"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.4-3"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.22"
          },
          {
            "_id": null,
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.18"
          },
          {
            "_id": null,
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.2.8"
          },
          {
            "_id": null,
            "model": "linux enterprise server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.12"
          },
          {
            "_id": null,
            "model": "fuji",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "0"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "8"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "12.1"
          },
          {
            "_id": null,
            "model": "appliance platform linux service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "2"
          },
          {
            "_id": null,
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "appliance server workgroup edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 96",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "software products cups rc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.22"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.3.3"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "appliance platform linux service",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "1"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop workstation client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.3.6"
          },
          {
            "_id": null,
            "model": "linux lts lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.2.9"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 91",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 89",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "novell linux pos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "message networking mn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "wizpy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "0"
          },
          {
            "_id": null,
            "model": "open-enterprise-server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "9"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.3.9"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 94",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.6"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 101",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.2.12"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.17"
          },
          {
            "_id": null,
            "model": "novell linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 90",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.2.4"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.1"
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.1"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.3.2"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.23"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.20"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.0.4"
          },
          {
            "_id": null,
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "appliance server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "3.0x64"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10.3"
          },
          {
            "_id": null,
            "model": "client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "2008"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.0"
          },
          {
            "_id": null,
            "model": "intuity audix lx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "opensolaris build snv 102",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.3.7"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.04"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.0.4-8"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0.0x64"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.7"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.0"
          },
          {
            "_id": null,
            "model": "software products cups rc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.23"
          },
          {
            "_id": null,
            "model": "hat enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "4"
          },
          {
            "_id": null,
            "model": "hat enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "3"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.16"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.19"
          },
          {
            "_id": null,
            "model": "multimedia",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "_id": null,
            "model": "opensolaris build snv 92",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "2"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.04"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "ZDI",
            "id": "ZDI-08-067"
          },
          {
            "db": "BID",
            "id": "31688"
          },
          {
            "db": "BID",
            "id": "31681"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-160"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001826"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3641"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:cups:cups",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:apple:mac_os_x",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:apple:mac_os_x_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_client",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_multimedia",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_personal",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_wizpy",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001826"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "regenrecht",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-08-067"
          }
        ],
        "trust": 0.7
      },
      "cve": "CVE-2008-3641",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2008-3641",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-33766",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2008-3641",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#442845",
                "trust": 0.8,
                "value": "20.75"
              },
              {
                "author": "NVD",
                "id": "CVE-2008-3641",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200810-160",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-33766",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33766"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-160"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001826"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3641"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory. A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. Authentication is not required to exploit this vulnerability.The specific flaw exists in the Hewlett-Packard Graphics Language filter. CUPS is prone to a remote code-execution vulnerability caused by an error in the \u0027HP-GL/2 filter. Failed exploit attempts will likely cause a denial-of-service condition. Note that local users may also exploit this vulnerability to elevate privileges. \nSuccessful remote exploits may require printer sharing to be enabled on the vulnerable system. \nThe issue affects  versions prior to CUPS 1.3.9. \nNOTE: This issue was previously discussed in BID 31681 (Apple Mac OS X 2008-007 Multiple Security Vulnerabilities), but has been assigned its own record to better document the vulnerability. \nThe security update addresses a total of 11 new vulnerabilities that affect the ColorSync, CUPS, Finder, launchd, Networking, Postfix, PSNormalizer, rlogin, Script Editor, and Weblog components of Mac OS X. The advisory also contains security updates for 30 previously reported issues. An access checking bug in the HP Graphics Language (HPGL) filter could cause arbitrary memory to be overwritten with controlled data. ===========================================================\nUbuntu Security Notice USN-656-1           October 15, 2008\ncupsys vulnerabilities\nCVE-2008-1722, CVE-2008-3639, CVE-2008-3640, CVE-2008-3641\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 7.04\nUbuntu 7.10\nUbuntu 8.04 LTS\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n  cupsys                          1.2.2-0ubuntu0.6.06.11\n\nUbuntu 7.04:\n  cupsys                          1.2.8-0ubuntu8.6\n\nUbuntu 7.10:\n  cupsys                          1.3.2-1ubuntu7.8\n\nUbuntu 8.04 LTS:\n  cupsys                          1.3.7-1ubuntu3.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nIt was discovered that the SGI image filter in CUPS did not perform\nproper bounds checking. If a user or automated system were tricked\ninto opening a crafted SGI image, an attacker could cause a denial\nof service. (CVE-2008-3639)\n\nIt was discovered that the texttops filter in CUPS did not properly\nvalidate page metrics. If a user or automated system were tricked into\nopening a crafted text file, an attacker could cause a denial of\nservice. (CVE-2008-3640)\n\nIt was discovered that the HP-GL filter in CUPS did not properly check\nfor invalid pen parameters. If a user or automated system were tricked\ninto opening a crafted HP-GL or HP-GL/2 file, a remote attacker could\ncause a denial of service or execute arbitrary code with user\nprivileges. In Ubuntu 7.10 and 8.04 LTS, attackers would be isolated by\nthe AppArmor CUPS profile. (CVE-2008-3641)\n\nNOTE: The previous update for CUPS on Ubuntu 6.06 LTS did not have the\nthe fix for CVE-2008-1722 applied. This update includes fixes for the\nproblem. We apologize for the inconvenience. \n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11.diff.gz\n      Size/MD5:   102981 403c1494b264696702f055fc5cdcc60d\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11.dsc\n      Size/MD5:     1052 cc47231c220e8d0e1659cf83d9e08445\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz\n      Size/MD5:  4070384 2c99b8aa4c8dc25c8a84f9c06aa52e3e\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.11_all.deb\n      Size/MD5:      994 8b094f8389b70e0153d7bbfcd23ed912\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_amd64.deb\n      Size/MD5:    36226 ddea26501964356559ee3a11124acd8b\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_amd64.deb\n      Size/MD5:    81902 670924b1b9a36db787e3b4cc6a7f1782\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_amd64.deb\n      Size/MD5:  2286676 455fe7748b3ab167658bb5b42ef0363a\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_amd64.deb\n      Size/MD5:     6086 dc0bd3799366e32503466ba4588fc4df\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_amd64.deb\n      Size/MD5:    77226 31e781bf2c8f0f4140799b21b9d0484a\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_amd64.deb\n      Size/MD5:    25742 6812b0831f37474b50607e4c6eb83fe5\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_amd64.deb\n      Size/MD5:   129960 88a0b954c9f50df6aa37824b3da7041b\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_i386.deb\n      Size/MD5:    34768 d04de29dfcca09a4dc70a385e8a0766b\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_i386.deb\n      Size/MD5:    77974 efed93511d0ee579706e5cf538378dbd\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_i386.deb\n      Size/MD5:  2253974 30ac219c7cd66460df6fa2b76c147ae8\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_i386.deb\n      Size/MD5:     6090 648459c3b58ddaf1fc646c8cd476e9f8\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_i386.deb\n      Size/MD5:    76350 d044f4fa44a792c81bca198f44687a1e\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_i386.deb\n      Size/MD5:    25740 4c97e6e30f95bd3c3a32c761db4f5183\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_i386.deb\n      Size/MD5:   122178 7298a6d762d2edbe6fd107656932f32a\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_powerpc.deb\n      Size/MD5:    40468 24cf01572a6f790296c1accba097352c\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_powerpc.deb\n      Size/MD5:    89528 0172b346d78458df1a6cd91a371b3b67\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_powerpc.deb\n      Size/MD5:  2301292 f1a755a88fde554fdabbfb8081a88e52\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_powerpc.deb\n      Size/MD5:     6098 f3e962ddc060712ed3ba78bb5625d5e4\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_powerpc.deb\n      Size/MD5:    79004 de095980afadd9352e5d7e92600d75b5\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_powerpc.deb\n      Size/MD5:    25744 21a4d908ae8de551cda885d4835d69c0\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_powerpc.deb\n      Size/MD5:   127932 6e50fa3fa4185c781551e5744331f20b\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_sparc.deb\n      Size/MD5:    35392 ede504cfaaf1e068c68b3fa759777098\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_sparc.deb\n      Size/MD5:    78712 49f458e339846bcc2eb9ffdc482de5be\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_sparc.deb\n      Size/MD5:  2287588 864ab74a020db94ab2acc1283720a05c\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_sparc.deb\n      Size/MD5:     6092 58c6f56f79c35af1b0ca47eaeedd7ea3\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_sparc.deb\n      Size/MD5:    76262 759f3df1a04440d71ae6634109045bf6\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_sparc.deb\n      Size/MD5:    25740 8bbdc7b4842df909bdfb95b96fd9f884\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_sparc.deb\n      Size/MD5:   123662 4c4f4a4faae61a0c3901c63fe58bbf26\n\nUpdated packages for Ubuntu 7.04:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6.diff.gz\n      Size/MD5:   160216 80696d47933857b9665da1492f9a801b\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6.dsc\n      Size/MD5:     1143 0dbd641692767f4e2e5b7f390c412a9f\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8.orig.tar.gz\n      Size/MD5:  4293194 107affe95fcf1cd4aaed4a5c73f4b91f\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.2.8-0ubuntu8.6_all.deb\n      Size/MD5:   926804 41e6c60357740e668198976afcce6bd1\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_amd64.deb\n      Size/MD5:    37404 2d7cb4cb3bfeeeb5af3db756f1a0a5be\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_amd64.deb\n      Size/MD5:    83230 361cd5ffca4125245798312c3a9c7eaa\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_amd64.deb\n      Size/MD5:  1638902 a502a4f981385dcba50ed5b6fc8fe969\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_amd64.deb\n      Size/MD5:    56598 a9f413ff725abe42af63312ea6e826e7\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_amd64.deb\n      Size/MD5:   104860 7bfc0e70546baa2c98421a9dd7a373e6\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_amd64.deb\n      Size/MD5:   144852 9d30fa04e2aa415fb126188aa4d32349\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_amd64.deb\n      Size/MD5:   182728 0ed6d4f8c813e2c36bcaa7b7ca98ccad\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_i386.deb\n      Size/MD5:    36712 014d51e184b4435a28c1e820455fb0a1\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_i386.deb\n      Size/MD5:    80752 4d29ca2e6d3de00e3a10c55c677c8cd6\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_i386.deb\n      Size/MD5:  1621450 551c9d7c9836efe7a927a609699976ad\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_i386.deb\n      Size/MD5:    55720 b70e3b3a1c86aa782a42fcf1a40ff197\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_i386.deb\n      Size/MD5:   104592 ececfa4f50e077d5049116a47cc44965\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_i386.deb\n      Size/MD5:   139320 b5c4606316c175feac7dd9a8f78acc56\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_i386.deb\n      Size/MD5:   179030 b2bb50b90caac66408739e67ecc9fdb5\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_powerpc.deb\n      Size/MD5:    46766 ad2b053736a2165b39f1749b7e3409e0\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_powerpc.deb\n      Size/MD5:   101094 bea4c45325710b1e2d5e67dceb7853bb\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_powerpc.deb\n      Size/MD5:  1696124 7e3469aa52e2de4e93352e44f7623305\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_powerpc.deb\n      Size/MD5:    56398 47755a89a609e4401d70f6adcfcfb9a5\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_powerpc.deb\n      Size/MD5:   110478 94a5f78770c410fce9a0c88a187fe9c4\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_powerpc.deb\n      Size/MD5:   141178 69f22a6730b291c9df2b0541c07223d6\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_powerpc.deb\n      Size/MD5:   188650 634498a8eb5ab4c75eab74e1655234b1\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_sparc.deb\n      Size/MD5:    37778 cde58d9fa7d256698ef6ba128b16a799\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_sparc.deb\n      Size/MD5:    83740 072c6f65496619d5808c542d3a2ebe97\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_sparc.deb\n      Size/MD5:  1659626 a5b6c19a436e9737af44cbaee93d093c\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_sparc.deb\n      Size/MD5:    54928 5a8347021b82084600e0d08971cb41a3\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_sparc.deb\n      Size/MD5:   104156 ca7b062c097aa7f92a9085615fc3e828\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_sparc.deb\n      Size/MD5:   141756 299acfe9e1964d21e7ba2fc3a390ded8\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_sparc.deb\n      Size/MD5:   178292 02e3059c98fb42cb83173e0b3a08d469\n\nUpdated packages for Ubuntu 7.10:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8.diff.gz\n      Size/MD5:   128977 cc7a79b80d0cc2caa8f9c5aea2f9397b\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8.dsc\n      Size/MD5:     1218 4f603d11b93e600bd82009983bc88580\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2.orig.tar.gz\n      Size/MD5:  4848424 9e3e1dee4d872fdff0682041198d3d73\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.2-1ubuntu7.8_all.deb\n      Size/MD5:  1080404 6419c157fd22fcfb2e1563ccced2fcae\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_amd64.deb\n      Size/MD5:    37204 88b05a4cbb9f5714951edade3dd0609b\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_amd64.deb\n      Size/MD5:    89506 cb352043a1985e24614dc27ffa5ded01\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_amd64.deb\n      Size/MD5:  2034890 3a2c4daded2923691da8fe3f60d93f3e\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_amd64.deb\n      Size/MD5:    60020 5007c193bb8416754a9d7e7ad09c4808\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_amd64.deb\n      Size/MD5:    46884 9a2fd628887a01cc2fcb49131ec8ed0f\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_amd64.deb\n      Size/MD5:   152014 7a9debd353faa26803f0e8707a97697a\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_amd64.deb\n      Size/MD5:   186418 13e510e27e1025732d203a933ded8ade\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_i386.deb\n      Size/MD5:    36486 05cb382029ccb2285530af9de662b686\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_i386.deb\n      Size/MD5:    86494 80b08f6080ed3c46e4fc954da05d9e6d\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_i386.deb\n      Size/MD5:  2018384 16b0a7b694a38e4616fce6415116a7e9\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_i386.deb\n      Size/MD5:    58882 8572d274d06e1a650d2d5199ea5dcf6f\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_i386.deb\n      Size/MD5:    46280 158a4aef965ef1c697c5c7aef53f9e90\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_i386.deb\n      Size/MD5:   145692 36b5af34074b13e44e2d2ae5f76fa6fc\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_i386.deb\n      Size/MD5:   183190 fe12de8de5a779538844e2aecd5ccedb\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_lpia.deb\n      Size/MD5:    36570 f73b632b59630a2727e45be083730c23\n    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_lpia.deb\n      Size/MD5:    88054 07cfc2fdf8615471278b10550f713a3e\n    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_lpia.deb\n      Size/MD5:  2020696 d97dab5d5a099884f7bca77dd118233a\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_lpia.deb\n      Size/MD5:    59624 d582e3100eaf68e9b10585ca6ce0a078\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_lpia.deb\n      Size/MD5:    47662 a2e2c5cc101d720249efd108b1a724ca\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_lpia.deb\n      Size/MD5:   142426 8e91390ca3bb0bd98ab7a43017e38a90\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_lpia.deb\n      Size/MD5:   181382 0806d0e1be2fdb48b873ea977107b759\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_powerpc.deb\n      Size/MD5:    46502 1f2a7db4dd6dfc7910a9c84f28425537\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_powerpc.deb\n      Size/MD5:   107736 9a34baee6e8356d911d637e52fcb0747\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_powerpc.deb\n      Size/MD5:  2099614 b0f8237ccff1e54e070645e79e085794\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_powerpc.deb\n      Size/MD5:    59494 c3c1a6f415dacee7b5f0e63e0f83ca6c\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_powerpc.deb\n      Size/MD5:    51856 91fcaca5686ce2070e654699b60514f4\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_powerpc.deb\n      Size/MD5:   146952 205fedd96bd614314b2e9ecb18e78f53\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_powerpc.deb\n      Size/MD5:   192204 0033c62b251a505fb7d80b5b8c96f6b6\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_sparc.deb\n      Size/MD5:    37558 f568ceabe0e419d263b75a5c852eb10a\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_sparc.deb\n      Size/MD5:    89606 d916d0d9478082000a0f698347613387\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_sparc.deb\n      Size/MD5:  2061026 a1b9da985d3d0211790f170443e74ac9\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_sparc.deb\n      Size/MD5:    58098 dc5d816068b451c8926dd06a25e1715b\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_sparc.deb\n      Size/MD5:    45572 9976f70a905893735ee445cca7ecda7f\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_sparc.deb\n      Size/MD5:   148486 48954d641e131708913530887d28c064\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_sparc.deb\n      Size/MD5:   182218 074755797d588b92f7030c0a9562cb67\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1.diff.gz\n      Size/MD5:   133549 8146f7a668701caad4379707ccedf538\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1.dsc\n      Size/MD5:     1433 de3ffa5e20bdbc0bd61cf543cc2d351f\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7.orig.tar.gz\n      Size/MD5:  4700333 383e556d9841475847da6076c88da467\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.7-1ubuntu3.1_all.deb\n      Size/MD5:  1143834 7230e79bb0d6a1435f3ce0de114e1ad3\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_amd64.deb\n      Size/MD5:    37530 0362fc9c1260486e4d1dcccca8dc60a3\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_amd64.deb\n      Size/MD5:    89982 9a1ac844025f66fb85357e1807256331\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_amd64.deb\n      Size/MD5:  1880646 233fbeadff826a6b6f22347559fe8bf5\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_amd64.deb\n      Size/MD5:    60892 98a65443be4d97fb1de2f8580dd67e40\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_amd64.deb\n      Size/MD5:    50356 89ca2e97385912ebf2ffe8a0871610d5\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_amd64.deb\n      Size/MD5:   344926 631f297ea0a13321c61ee211d65fceab\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_amd64.deb\n      Size/MD5:   177500 8dd137567dbc9644bda3b0a799cb2f6a\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_i386.deb\n      Size/MD5:    36952 deba752b21bdf04393626cf35ebb79eb\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_i386.deb\n      Size/MD5:    88408 2e76b5856bde6afe82da9a6b03a98026\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_i386.deb\n      Size/MD5:  1862954 aaa0817cb6b67729276e799275ad3346\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_i386.deb\n      Size/MD5:    60090 b37d935af9661002730cd5cb2b3f11d3\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_i386.deb\n      Size/MD5:    49838 a1d85e18616340eed3778b5286890c08\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_i386.deb\n      Size/MD5:   339344 f3d29993795e7172667356c8d255f296\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_i386.deb\n      Size/MD5:   174354 b1d7b741729749c6a3249fbcd0babe56\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_lpia.deb\n      Size/MD5:    36676 c46beddd8f227e1ee0b1c9a80d41b19a\n    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_lpia.deb\n      Size/MD5:    88734 c8b70c2665734c45caa22ae41f60b486\n    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_lpia.deb\n      Size/MD5:  1865262 27de39c2fbe2471f11b7756b5bc02cc3\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_lpia.deb\n      Size/MD5:    60540 b54c6711e74c55777f0e509f642c42f0\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_lpia.deb\n      Size/MD5:    50860 64989632d1f49f5d25209bb9a68809d5\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_lpia.deb\n      Size/MD5:   337020 ca60ea21ad93aca447e1ae04e0ad818f\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_lpia.deb\n      Size/MD5:   173276 6e0af5026f452171993817fbd6e6b4e7\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_powerpc.deb\n      Size/MD5:    46932 d8e051bd4e95f28090036d7087437127\n    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_powerpc.deb\n      Size/MD5:   110808 44e0741ccd8b9edab092b835c6831aca\n    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_powerpc.deb\n      Size/MD5:  1949134 0facca356ce9e5ffdacffde23d0713e3\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_powerpc.deb\n      Size/MD5:    59924 367a29bd4545906374eb27c511d33658\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_powerpc.deb\n      Size/MD5:    54940 d762741ddd48f75e0e54ffd0efc45645\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_powerpc.deb\n      Size/MD5:   341670 0958081b22a680ccf1f30abc36c06054\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_powerpc.deb\n      Size/MD5:   183238 e303094f36fcc1af0ac40321411bd90a\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_sparc.deb\n      Size/MD5:    38028 a8ee904a732a7392314b9b4f2faf5557\n    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_sparc.deb\n      Size/MD5:    91034 832edccd7ed2eec51759bbcce97536b1\n    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_sparc.deb\n      Size/MD5:  1897904 31192c6d2b5a6dca4eaf065c541795fc\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_sparc.deb\n      Size/MD5:    57856 398dadf7e1ee5075e4d3e2a4766b4580\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_sparc.deb\n      Size/MD5:    48242 cc45265b41fd932d084a6bce9888e67f\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_sparc.deb\n      Size/MD5:   341388 9411fb065604b882530faf47a0a85d4e\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_sparc.deb\n      Size/MD5:   173184 4a5e9e3508932262eefe3b08f94019d0\n\n\n. ZDI-08-067: Apple CUPS 1.3.7 (HP-GL/2 filter) Remote Code Execution \nVulnerability\nhttp://www.zerodayinitiative.com/advisories/ZDI-08-067\nOctober 9, 2008\n\n-- CVE ID:\nCVE-2008-3641\n\n-- Affected Vendors:\nApple\n\n-- Affected Products:\nApple OS X\n\n-- TippingPoint(TM) IPS Customer Protection:\nTippingPoint IPS customers have been protected against this\nvulnerability by Digital Vaccine protection filter ID 6325. \n\n-- Vendor Response:\nApple has issued an update to correct this vulnerability. More\ndetails can be found at:\n\nhttp://support.apple.com/kb/HT3216\n\n-- Disclosure Timeline:\n2008-08-19 - Vulnerability reported to vendor\n2008-10-09 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n    * regenrecht\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n    http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n    http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nCONFIDENTIALITY NOTICE: This e-mail message, including any attachments,\nis being sent by 3Com for the sole use of the intended recipient(s) and\nmay contain confidential, proprietary and/or privileged information. \nAny unauthorized review, use, disclosure and/or distribution by any \nrecipient is prohibited.  If you are not the intended recipient, please\ndelete and/or destroy all copies of this message regardless of form and\nany included attachments and notify 3Com immediately by contacting the\nsender via reply e-mail or forwarding to 3Com at postmaster@3com.com. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nNucleus XML-RPC PHP Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA15895\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15895/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nNucleus 3.x\nhttp://secunia.com/product/3699/\n\nDESCRIPTION:\nA vulnerability has been reported in Nucleus, which can be exploited\nby malicious people to compromise a vulnerable system. \nhttp://sourceforge.net/project/showfiles.php?group_id=66479\n\nOTHER REFERENCES:\nSA15852:\nhttp://secunia.com/advisories/15852/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nCVE-2008-3640\n\n    It was discovered that an integer overflow in the Postscript\n    conversion tool \"texttops\" may lead to the execution of arbitrary\n    code. \n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.2.7-4etch5. \n\nFor the unstable distribution (sid) and the upcoming stable distribution\n(lenny), these problems have been fixed in version 1.3.8-1lenny2 of\nthe source package cups. \n\nWe recommend that you upgrade your cupsys package. \n\nUpgrade instructions\n- --------------------\n\nwget url\n        will fetch the file for you\ndpkg -i file.deb\n        will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n        will update the internal database\napt-get upgrade\n        will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7.orig.tar.gz\n    Size/MD5 checksum:  4214272 c9ba33356e5bb93efbcf77b6e142e498\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5.diff.gz\n    Size/MD5 checksum:   108662 eab5aa097eaf3e802b4c6f1c60da9a03\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5.dsc\n    Size/MD5 checksum:     1084 5fc7ea9d5c6434a9f2a45e3d7652b0fe\n\nArchitecture independent packages:\n\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-common_1.2.7-4etch5_all.deb\n    Size/MD5 checksum:   893832 0e7571a4a56cef8f099ba9300ed7330d\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4etch5_all.deb\n    Size/MD5 checksum:    46072 63a75f9fe31312a42725a786164f7762\n\nalpha architecture (DEC Alpha)\n\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_alpha.deb\n    Size/MD5 checksum:    39310 8dad5588b86a4e1191025015d8e0c5be\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_alpha.deb\n    Size/MD5 checksum:  1092376 35c1cd14d3f26fefafbebf1a76983740\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_alpha.deb\n    Size/MD5 checksum:    85906 1d07dcf128e7b78992560b2794be29d4\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_alpha.deb\n    Size/MD5 checksum:   183726 06377f48f1ee358c494f30f9ab213e6b\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_alpha.deb\n    Size/MD5 checksum:  1614540 e87b439635e9b7f7c1fa1c6db2f7291c\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_alpha.deb\n    Size/MD5 checksum:    95570 8638b199a8adb989254cbe88ab11bb7d\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_alpha.deb\n    Size/MD5 checksum:   175262 08dbbe7e941af9c28f39107f907c618a\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_alpha.deb\n    Size/MD5 checksum:    72690 1c099120f9fdcb334d8699b6238c0883\n\namd64 architecture (AMD x86_64 (AMD64))\n\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_amd64.deb\n    Size/MD5 checksum:   142538 4f9183a690ac21a220771db117b1bcea\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_amd64.deb\n    Size/MD5 checksum:   162520 f04bafe61b0e06d21b67441916a4df2a\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_amd64.deb\n    Size/MD5 checksum:    36356 eea9b0c14ac248313264474f4a103478\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_amd64.deb\n    Size/MD5 checksum:    53022 f864e06d82bd0769e7c73d20aa6c3366\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_amd64.deb\n    Size/MD5 checksum:    80708 9e8a7d08f6762753005bc2ac7ac04db7\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_amd64.deb\n    Size/MD5 checksum:    86264 3784680669a08745d6c766213e3d60f3\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_amd64.deb\n    Size/MD5 checksum:  1576062 c5f275763d3cd0bec5e448965780ea0b\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_amd64.deb\n    Size/MD5 checksum:  1088040 106654a5c5a746e5bd1043ca4309deae\n\narm architecture (ARM)\n\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_arm.deb\n    Size/MD5 checksum:   132042 b1da3e68e04c68712a7f2ecebbea59d3\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_arm.deb\n    Size/MD5 checksum:  1026238 e776ce47912d97de7758029cddf18c41\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_arm.deb\n    Size/MD5 checksum:   155174 2203ae0043e540bb4c083c3f302294a9\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_arm.deb\n    Size/MD5 checksum:    78908 a60d8486ab41fe7064d84fdf1c057ce5\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_arm.deb\n    Size/MD5 checksum:    48742 9c6f61fb9c5af3f1496c249eb79542ce\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_arm.deb\n    Size/MD5 checksum:  1569620 943fdc257cdf387c1a161adff88623bd\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_arm.deb\n    Size/MD5 checksum:    85468 3e9d699071d741d86c5e2fbcc91a5241\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_arm.deb\n    Size/MD5 checksum:    35940 0bb609f5c990c932c0fed843bb659062\n\nhppa architecture (HP PA RISC)\n\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_hppa.deb\n    Size/MD5 checksum:    84800 df6569c3eaad919b7f7768a75277838f\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_hppa.deb\n    Size/MD5 checksum:    91988 08040e0dcc8cc99298d40aa370be50cc\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_hppa.deb\n    Size/MD5 checksum:  1624214 e5d55a0aeacee0d85d7899018725b3d3\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_hppa.deb\n    Size/MD5 checksum:   153956 e11bfd3cb812f0892238a676a3453967\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_hppa.deb\n    Size/MD5 checksum:   171790 5b483d2f739ed456d94cf28047b2b2f5\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_hppa.deb\n    Size/MD5 checksum:    39548 181a14e58af274287bf02f8a758b70b5\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_hppa.deb\n    Size/MD5 checksum:    57398 715a6f4bb1b68b8a384a85ac384de668\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_hppa.deb\n    Size/MD5 checksum:  1032836 e1d9158ff6134678b976331566db0076\n\ni386 architecture (Intel ia32)\n\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_i386.deb\n    Size/MD5 checksum:   999302 2ccf6ae0ef6f3d3dd56e484ba2199313\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_i386.deb\n    Size/MD5 checksum:   160638 f22f7da23cd3dea82d49cc9900d62512\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_i386.deb\n    Size/MD5 checksum:   138276 392028f61da2c29dcab1ffe3b4fe072f\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_i386.deb\n    Size/MD5 checksum:  1548856 e1e04e47f556586eb83aff005d4870d2\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_i386.deb\n    Size/MD5 checksum:    36474 9bea3cd926f04da508b6a714f0a1daac\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_i386.deb\n    Size/MD5 checksum:    86776 f3188eafaa1bd01a7b92d9403aab03a1\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_i386.deb\n    Size/MD5 checksum:    79878 ba1ed2b707101da54b3990b33ee1d877\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_i386.deb\n    Size/MD5 checksum:    53276 346cdebc7980089b28610ceb30f65519\n\nia64 architecture (Intel ia64)\n\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_ia64.deb\n    Size/MD5 checksum:   106226 829b2e5f435c8fb5eee03513654ee12f\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_ia64.deb\n    Size/MD5 checksum:   106998 08fcec24b8c165542d986a1fd174ddd3\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_ia64.deb\n    Size/MD5 checksum:    46336 32d29b5c2986070f5d5b909864952dc3\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_ia64.deb\n    Size/MD5 checksum:  1771030 e7b261b4627ee20a3083a4f18a382e24\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_ia64.deb\n    Size/MD5 checksum:   192370 576e218a37e677170e9201946f24da5a\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_ia64.deb\n    Size/MD5 checksum:  1108310 bdee8fbcfd10ba2847ab81ced8e9cc73\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_ia64.deb\n    Size/MD5 checksum:   204232 d5eb2138a8584813643dfe4e39d2fefb\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_ia64.deb\n    Size/MD5 checksum:    74224 846a87584f78285569aee9c037b677d9\n\nmipsel architecture (MIPS (Little Endian))\n\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_mipsel.deb\n    Size/MD5 checksum:   158560 74bc73b9eb3c7494ce762f7beb9ab4cd\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_mipsel.deb\n    Size/MD5 checksum:  1553460 cd35f3de34290840be09b1b10729d7b3\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_mipsel.deb\n    Size/MD5 checksum:   150900 150e5405933cef2a8cf9147d88c9a4fb\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_mipsel.deb\n    Size/MD5 checksum:    57860 2b7cdd4399e2893d2df0b5568d766239\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_mipsel.deb\n    Size/MD5 checksum:    86996 d4776eace76cb37f72557a44d053a677\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_mipsel.deb\n    Size/MD5 checksum:  1085494 429194a44228d669ecfa2acdeadf55e6\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_mipsel.deb\n    Size/MD5 checksum:    36058 f28b3f705fd293fc82a256d571119452\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_mipsel.deb\n    Size/MD5 checksum:    77448 4a9be71b3fc25253b1e77c2594e7f508\n\npowerpc architecture (PowerPC)\n\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_powerpc.deb\n    Size/MD5 checksum:    51880 d1b872415002b54aba1ef54833cd5564\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_powerpc.deb\n    Size/MD5 checksum:    90008 fe2be6aba034693532a01b653781f501\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_powerpc.deb\n    Size/MD5 checksum:  1576600 d954a84710f9671d34eca72922f8d1d8\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_powerpc.deb\n    Size/MD5 checksum:   136868 ee633edb72a9d6d74481d9fe17d887d5\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_powerpc.deb\n    Size/MD5 checksum:  1143388 320529a907596704df487d89978e1948\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_powerpc.deb\n    Size/MD5 checksum:    41296 8e0fed6ae1645411f4daa52842ead589\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_powerpc.deb\n    Size/MD5 checksum:   163206 d0fc59550e27b346adb422e4d82cecaf\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_powerpc.deb\n    Size/MD5 checksum:    88476 dfe47fbfeef0a714d6397ec9467165af\n\ns390 architecture (IBM S/390)\n\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_s390.deb\n    Size/MD5 checksum:  1037260 a151e36916ffd7eae88e6b82cc0c08d7\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_s390.deb\n    Size/MD5 checksum:    37420 b095022e25c603ee57748795c4ec423b\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_s390.deb\n    Size/MD5 checksum:    82338 3417e5562b6aa064ab5d3d11f15a69fb\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_s390.deb\n    Size/MD5 checksum:    87928 6eea10e5b223fbd5f5a8d524bb03ab8e\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_s390.deb\n    Size/MD5 checksum:  1587330 8b66abd7e3156f3beeaa27fbd971cbde\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_s390.deb\n    Size/MD5 checksum:   166710 10f172f4c48ab9981d7c48564a2142a4\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_s390.deb\n    Size/MD5 checksum:   144932 3955c00c6293f7aec0a7cb9edb28a16d\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_s390.deb\n    Size/MD5 checksum:    52524 b4e639621d58f91a8ec32043534c008f\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_sparc.deb\n    Size/MD5 checksum:    51826 8e3613f9041774f1dd42586782780fb5\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_sparc.deb\n    Size/MD5 checksum:   159434 d2352f19b51feab43fc17b5e3f17bb2b\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_sparc.deb\n    Size/MD5 checksum:   138734 8b53d144485267cb99ec8a32262446e8\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_sparc.deb\n    Size/MD5 checksum:  1577758 748b77d9e54a363d46cd61548e72df7c\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_sparc.deb\n    Size/MD5 checksum:   996834 0ad8037cbb3959581a0aeb29eb84a853\n  http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_sparc.deb\n    Size/MD5 checksum:    85790 16bf4ce2378a68fc9b0ce4052e463e5d\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_sparc.deb\n    Size/MD5 checksum:    36062 426fe5dbac939828393d99e561abf0e3\n  http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_sparc.deb\n    Size/MD5 checksum:    78608 f469105c5d9f121c333d5e4ac315c7be\n\n\n  These files will probably be moved into the stable distribution on\n  its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niEYEARECAAYFAkj8vewACgkQXm3vHE4uylo3VQCfe5/oLteemHII7TUL80ybcnZd\nREIAn1hdR3STx867KCMafAi58O1fia05\n=T/kw\n-----END PGP SIGNATURE-----\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory                         MDVSA-2008:211\n http://www.mandriva.com/security/\n _______________________________________________________________________\n\n Package : cups\n Date    : October 10, 2008\n Affected: 2007.1, 2008.0, 2008.1, 2009.0, Corporate 3.0, Corporate 4.0\n _______________________________________________________________________\n\n Problem Description:\n\n A buffer overflow in the SGI image format decoding routines used by the\n CUPS image converting filter imagetops was discovered. \n \n An integer overflow flaw leading to a heap buffer overflow was found\n in the Text-to-PostScript texttops filter. \n \n Finally, an insufficient buffer bounds checking flaw was found in\n the HP-GL/2-to-PostScript hpgltops filter. \n \n The updated packages have been patched to prevent this issue; for\n Mandriva Linux 2009.0 the latest CUPS version (1.3.9) is provided\n that corrects these issues and also provides other bug fixes. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2007.1:\n d8041b477aac8897e465fd7885c4f046  2007.1/i586/cups-1.2.10-2.8mdv2007.1.i586.rpm\n 85169e175683eee33f38c3dc6dca555d  2007.1/i586/cups-common-1.2.10-2.8mdv2007.1.i586.rpm\n 3838db5f9b5313587335232f4bdfadb7  2007.1/i586/cups-serial-1.2.10-2.8mdv2007.1.i586.rpm\n 4dac70286d0aaa55d0c585c4e485f4d6  2007.1/i586/libcups2-1.2.10-2.8mdv2007.1.i586.rpm\n 2647b541d7a80ea194d6cc4983342e14  2007.1/i586/libcups2-devel-1.2.10-2.8mdv2007.1.i586.rpm\n 5bf9cba238150a77016869b2b600e0bd  2007.1/i586/php-cups-1.2.10-2.8mdv2007.1.i586.rpm \n 3762b10d3a6b962ec6932856d635a119  2007.1/SRPMS/cups-1.2.10-2.8mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 27098b09dc01c70600c55572cb928422  2007.1/x86_64/cups-1.2.10-2.8mdv2007.1.x86_64.rpm\n fbd01859759af3a2e32244cfff7aaa33  2007.1/x86_64/cups-common-1.2.10-2.8mdv2007.1.x86_64.rpm\n 4197004f7a59cc90d8d51f8ff34e2997  2007.1/x86_64/cups-serial-1.2.10-2.8mdv2007.1.x86_64.rpm\n 6cc45d922f07d379db0de2e08eb1589e  2007.1/x86_64/lib64cups2-1.2.10-2.8mdv2007.1.x86_64.rpm\n d7443db8a26f27b41c32c95dee129437  2007.1/x86_64/lib64cups2-devel-1.2.10-2.8mdv2007.1.x86_64.rpm\n eca467e20954fea23fd050ee41d2ca4a  2007.1/x86_64/php-cups-1.2.10-2.8mdv2007.1.x86_64.rpm \n 3762b10d3a6b962ec6932856d635a119  2007.1/SRPMS/cups-1.2.10-2.8mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n 837c0714eef677dfcdb1befc56012db5  2008.0/i586/cups-1.3.6-1.3mdv2008.0.i586.rpm\n cb8d17edacf1dc1dc5915fbb35745d9a  2008.0/i586/cups-common-1.3.6-1.3mdv2008.0.i586.rpm\n 635eb3405a6b5a4b93ca6373207093df  2008.0/i586/cups-serial-1.3.6-1.3mdv2008.0.i586.rpm\n 59939c1a2a730a0887750bafb4cabee1  2008.0/i586/libcups2-1.3.6-1.3mdv2008.0.i586.rpm\n 6183d24df353f4e8082374951636a657  2008.0/i586/libcups2-devel-1.3.6-1.3mdv2008.0.i586.rpm\n 0f1df17bf9cc86bb607ef28d4b29c6b2  2008.0/i586/php-cups-1.3.6-1.3mdv2008.0.i586.rpm \n 68ac87937182de901cece9b93ba700fa  2008.0/SRPMS/cups-1.3.6-1.3mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 5b73d5bfebbc66f8a56922c7b943f351  2008.0/x86_64/cups-1.3.6-1.3mdv2008.0.x86_64.rpm\n a41d07d80c38b30ee5357b25f7b828ab  2008.0/x86_64/cups-common-1.3.6-1.3mdv2008.0.x86_64.rpm\n 34d6d4eb79b1ee5a9235843398301646  2008.0/x86_64/cups-serial-1.3.6-1.3mdv2008.0.x86_64.rpm\n 3157dcaafb55463d8ad149d99e4d0c55  2008.0/x86_64/lib64cups2-1.3.6-1.3mdv2008.0.x86_64.rpm\n 78b5f7fcedbbbef9c2318977b5f50264  2008.0/x86_64/lib64cups2-devel-1.3.6-1.3mdv2008.0.x86_64.rpm\n 082094f0923f72890f6dbb47eb9072b4  2008.0/x86_64/php-cups-1.3.6-1.3mdv2008.0.x86_64.rpm \n 68ac87937182de901cece9b93ba700fa  2008.0/SRPMS/cups-1.3.6-1.3mdv2008.0.src.rpm\n\n Mandriva Linux 2008.1:\n c22f4c131005e05768b0c45e931015c7  2008.1/i586/cups-1.3.6-5.2mdv2008.1.i586.rpm\n 8f1ad7b01f0d48aa920cb2378f5fce0a  2008.1/i586/cups-common-1.3.6-5.2mdv2008.1.i586.rpm\n 763dfee5def4727b34769298beb5c9fe  2008.1/i586/cups-serial-1.3.6-5.2mdv2008.1.i586.rpm\n dadd48446b97869372535fb2ef02a471  2008.1/i586/libcups2-1.3.6-5.2mdv2008.1.i586.rpm\n cf48ae8c17120d7d83b638f432620797  2008.1/i586/libcups2-devel-1.3.6-5.2mdv2008.1.i586.rpm\n 33d7dcb6b32e58bc38e847f827447b54  2008.1/i586/php-cups-1.3.6-5.2mdv2008.1.i586.rpm \n 25997a30a1fbc24e4a1a5017d15ac526  2008.1/SRPMS/cups-1.3.6-5.2mdv2008.1.src.rpm\n\n Mandriva Linux 2008.1/X86_64:\n 3804ff0deea819d375cdee86b1d98bf4  2008.1/x86_64/cups-1.3.6-5.2mdv2008.1.x86_64.rpm\n 9f8550ffbb7778636b18c33c6854e163  2008.1/x86_64/cups-common-1.3.6-5.2mdv2008.1.x86_64.rpm\n 077652b9f481f72873b6e94a0f54fe17  2008.1/x86_64/cups-serial-1.3.6-5.2mdv2008.1.x86_64.rpm\n 569bcdcf971b564d3ad3cec8b6281fec  2008.1/x86_64/lib64cups2-1.3.6-5.2mdv2008.1.x86_64.rpm\n 05ce67f5f2bf9f27b69963bbc0ba3f6e  2008.1/x86_64/lib64cups2-devel-1.3.6-5.2mdv2008.1.x86_64.rpm\n 8a48fbfa84679702c496744f394ac4f6  2008.1/x86_64/php-cups-1.3.6-5.2mdv2008.1.x86_64.rpm \n 25997a30a1fbc24e4a1a5017d15ac526  2008.1/SRPMS/cups-1.3.6-5.2mdv2008.1.src.rpm\n\n Mandriva Linux 2009.0:\n 3480a3533f163c8559254c7dc7dccca4  2009.0/i586/cups-1.3.9-0.1mdv2009.0.i586.rpm\n 2eda3ae527a0d6477bf2f52f57f37297  2009.0/i586/cups-common-1.3.9-0.1mdv2009.0.i586.rpm\n 1b0849a0dcd6cc52debfdc23ca347e60  2009.0/i586/cups-serial-1.3.9-0.1mdv2009.0.i586.rpm\n 9ef6a24d1e8155bea9e7e148252dc4e7  2009.0/i586/libcups2-1.3.9-0.1mdv2009.0.i586.rpm\n 2a8be000df9a71f506a039e58faaf1b4  2009.0/i586/libcups2-devel-1.3.9-0.1mdv2009.0.i586.rpm\n 7f04461fd982b387144f73612b3cbd86  2009.0/i586/php-cups-1.3.9-0.1mdv2009.0.i586.rpm \n 1c16860c6f7af958cb6744dd60ffd63e  2009.0/SRPMS/cups-1.3.9-0.1mdv2009.0.src.rpm\n\n Mandriva Linux 2009.0/X86_64:\n 926221e97b7c4c52562468b26066f049  2009.0/x86_64/cups-1.3.9-0.1mdv2009.0.x86_64.rpm\n 96abb10e235084a80cd17c79cc31a360  2009.0/x86_64/cups-common-1.3.9-0.1mdv2009.0.x86_64.rpm\n cb817300fa6d8c9b40a0f8a01572d691  2009.0/x86_64/cups-serial-1.3.9-0.1mdv2009.0.x86_64.rpm\n d56cea0645b26b668f9b8a66f2dc090f  2009.0/x86_64/lib64cups2-1.3.9-0.1mdv2009.0.x86_64.rpm\n f4a04369ad8d202d87ea49a3da4ab67c  2009.0/x86_64/lib64cups2-devel-1.3.9-0.1mdv2009.0.x86_64.rpm\n 85124180f179ae504ad2f27ef814683d  2009.0/x86_64/php-cups-1.3.9-0.1mdv2009.0.x86_64.rpm \n 1c16860c6f7af958cb6744dd60ffd63e  2009.0/SRPMS/cups-1.3.9-0.1mdv2009.0.src.rpm\n\n Corporate 3.0:\n d235e680a70a94ce2c32a556a1fea6d5  corporate/3.0/i586/cups-1.1.20-5.19.C30mdk.i586.rpm\n eccffd52489f0aca14a11b6b88a5c59f  corporate/3.0/i586/cups-common-1.1.20-5.19.C30mdk.i586.rpm\n 743aad40e707a1c6ec8de19e6ba19668  corporate/3.0/i586/cups-serial-1.1.20-5.19.C30mdk.i586.rpm\n 931bd82e26396ef7109369893e8fb740  corporate/3.0/i586/libcups2-1.1.20-5.19.C30mdk.i586.rpm\n 007b156ceb1f78c107a05bba499f544d  corporate/3.0/i586/libcups2-devel-1.1.20-5.19.C30mdk.i586.rpm \n 685d93ef91df7b10faefae3d9c8a2e20  corporate/3.0/SRPMS/cups-1.1.20-5.19.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n c57219da87ef50832e74efbfd3471f64  corporate/3.0/x86_64/cups-1.1.20-5.19.C30mdk.x86_64.rpm\n 6f9772a800e70f1e3766d76de8dcf6e3  corporate/3.0/x86_64/cups-common-1.1.20-5.19.C30mdk.x86_64.rpm\n e1221063527caed05a6e94f9cebed9ab  corporate/3.0/x86_64/cups-serial-1.1.20-5.19.C30mdk.x86_64.rpm\n a0b15b24cfc995a7a769c1e87d53a696  corporate/3.0/x86_64/lib64cups2-1.1.20-5.19.C30mdk.x86_64.rpm\n aaabff95ac9a30ff1d9ce224612bcb50  corporate/3.0/x86_64/lib64cups2-devel-1.1.20-5.19.C30mdk.x86_64.rpm \n 685d93ef91df7b10faefae3d9c8a2e20  corporate/3.0/SRPMS/cups-1.1.20-5.19.C30mdk.src.rpm\n\n Corporate 4.0:\n 56f3e394ac8e4b4e7d423c7989d2e6af  corporate/4.0/i586/cups-1.2.4-0.10.20060mlcs4.i586.rpm\n dcb4425723e63a2d094305cde05890f3  corporate/4.0/i586/cups-common-1.2.4-0.10.20060mlcs4.i586.rpm\n 348427ebb4f1f1f530c3c129850de957  corporate/4.0/i586/cups-serial-1.2.4-0.10.20060mlcs4.i586.rpm\n d0a8052949416c5ba260b48596cbf415  corporate/4.0/i586/libcups2-1.2.4-0.10.20060mlcs4.i586.rpm\n ab7637abe249e4369cf39d37113ba37f  corporate/4.0/i586/libcups2-devel-1.2.4-0.10.20060mlcs4.i586.rpm\n 86af12b21de1212e72286e9b2db23caa  corporate/4.0/i586/php-cups-1.2.4-0.10.20060mlcs4.i586.rpm \n 5a7d0a19238e8b654821bb87355f9f27  corporate/4.0/SRPMS/cups-1.2.4-0.10.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 59784628a2385248e8d71c1476773071  corporate/4.0/x86_64/cups-1.2.4-0.10.20060mlcs4.x86_64.rpm\n a7933ad29b9a77973fcf7feb02c381b9  corporate/4.0/x86_64/cups-common-1.2.4-0.10.20060mlcs4.x86_64.rpm\n 26da08a5da63053f418e47792cf26280  corporate/4.0/x86_64/cups-serial-1.2.4-0.10.20060mlcs4.x86_64.rpm\n 0614662f2661171ade097e562a94c635  corporate/4.0/x86_64/lib64cups2-1.2.4-0.10.20060mlcs4.x86_64.rpm\n a899db16ce3db8ec71aaef67a6650616  corporate/4.0/x86_64/lib64cups2-devel-1.2.4-0.10.20060mlcs4.x86_64.rpm\n 9e3dc91c4390d7ba60ca26dcc095b8d8  corporate/4.0/x86_64/php-cups-1.2.4-0.10.20060mlcs4.x86_64.rpm \n 5a7d0a19238e8b654821bb87355f9f27  corporate/4.0/SRPMS/cups-1.2.4-0.10.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFI8DeJmqjQ0CJFipgRAmbxAKCxSRvJTtancZ/puQkgifGbRQnZIQCg6Bum\nEnuxPIlaIiQWBIjMSk4WWoo=\n=aMXC\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 200812-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                              http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n    Severity: High\n       Title: CUPS: Multiple vulnerabilities\n        Date: December 10, 2008\n        Bugs: #238976, #249727\n          ID: 200812-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nSeveral remotely exploitable bugs have been found in CUPS, which allow\nremote execution of arbitrary code. \n\nBackground\n==========\n\nCUPS is the Common Unix Printing System. \n\nAffected packages\n=================\n\n      -------------------------------------------------------------------\n       Package         /  Vulnerable  /                       Unaffected\n      -------------------------------------------------------------------\n    1  net-print/cups     \u003c 1.3.9-r1                         \u003e= 1.3.9-r1\n\nDescription\n===========\n\nSeveral buffer overflows were found in:\n\n* The read_rle16 function in imagetops (CVE-2008-3639, found by\n    regenrecht, reported via ZDI)\n\n* The WriteProlog function in texttops (CVE-2008-3640, found by\n    regenrecht, reported via ZDI)\n\n* The Hewlett-Packard Graphics Language (HPGL) filter (CVE-2008-3641,\n    found by regenrecht, reported via iDefense)\n\n* The _cupsImageReadPNG function (CVE-2008-5286, reported by iljavs)\n\nImpact\n======\n\nA remote attacker could send specially crafted input to a vulnerable\nserver, resulting in the remote execution of arbitrary code with the\nprivileges of the user running the server. \n\nWorkaround\n==========\n\nNone this time. \n\nResolution\n==========\n\nAll CUPS users should upgrade to the latest version. \n\n      # emerge --sync\n      # emerge --ask --oneshot --verbose \"\u003e=net-print/cups-1.3.9-r1\"\n\nReferences\n==========\n\n    [ 1 ] CVE-2008-3639\n          http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639\n    [ 2 ] CVE-2008-3640\n          http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640\n    [ 3 ] CVE-2008-3641\n          http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641\n    [ 4 ] CVE-2008-5286\n          http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5286\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n    http://security.gentoo.org/glsa/glsa-200812-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2008 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-3641"
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001826"
          },
          {
            "db": "ZDI",
            "id": "ZDI-08-067"
          },
          {
            "db": "BID",
            "id": "31688"
          },
          {
            "db": "BID",
            "id": "31681"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33766"
          },
          {
            "db": "PACKETSTORM",
            "id": "70974"
          },
          {
            "db": "PACKETSTORM",
            "id": "70829"
          },
          {
            "db": "PACKETSTORM",
            "id": "38388"
          },
          {
            "db": "PACKETSTORM",
            "id": "71087"
          },
          {
            "db": "PACKETSTORM",
            "id": "70839"
          },
          {
            "db": "PACKETSTORM",
            "id": "72870"
          }
        ],
        "trust": 4.14
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-33766",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-33766"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2008-3641",
            "trust": 4.3
          },
          {
            "db": "ZDI",
            "id": "ZDI-08-067",
            "trust": 2.8
          },
          {
            "db": "BID",
            "id": "31688",
            "trust": 2.8
          },
          {
            "db": "SECTRACK",
            "id": "1021031",
            "trust": 2.5
          },
          {
            "db": "SECUNIA",
            "id": "32222",
            "trust": 2.5
          },
          {
            "db": "SECUNIA",
            "id": "32226",
            "trust": 2.5
          },
          {
            "db": "SECUNIA",
            "id": "32084",
            "trust": 2.5
          },
          {
            "db": "BID",
            "id": "31681",
            "trust": 2.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-3401",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2780",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2782",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2009-1568",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "33568",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "32316",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "33111",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "33085",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "32284",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "32292",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "32331",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "15895",
            "trust": 0.9
          },
          {
            "db": "SECUNIA",
            "id": "15810",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15922",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15852",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15855",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15861",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15862",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15872",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15883",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "15884",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "14088",
            "trust": 0.8
          },
          {
            "db": "SECTRACK",
            "id": "1014327",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#442845",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001826",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-367",
            "trust": 0.7
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-160",
            "trust": 0.7
          },
          {
            "db": "CUPS.ORG",
            "id": "HTTP://WWW.CUPS.ORG/ARTICLES.PHP?L575",
            "trust": 0.6
          },
          {
            "db": "REDHAT",
            "id": "RHSA-2008:0937",
            "trust": 0.6
          },
          {
            "db": "GENTOO",
            "id": "GLSA-200812-11",
            "trust": 0.6
          },
          {
            "db": "XF",
            "id": "45779",
            "trust": 0.6
          },
          {
            "db": "BUGTRAQ",
            "id": "20081010 ZDI-08-067: APPLE CUPS 1.3.7 (HP-GL/2 FILTER) REMOTE CODE EXECUTION VULNERABILITY",
            "trust": 0.6
          },
          {
            "db": "SUSE",
            "id": "SUSE-SR:2008:021",
            "trust": 0.6
          },
          {
            "db": "SUSE",
            "id": "SUSE-SR:2009:002",
            "trust": 0.6
          },
          {
            "db": "UBUNTU",
            "id": "USN-656-1",
            "trust": 0.6
          },
          {
            "db": "SUNALERT",
            "id": "261088",
            "trust": 0.6
          },
          {
            "db": "FEDORA",
            "id": "FEDORA-2008-8801",
            "trust": 0.6
          },
          {
            "db": "FEDORA",
            "id": "FEDORA-2008-8844",
            "trust": 0.6
          },
          {
            "db": "DEBIAN",
            "id": "DSA-1656",
            "trust": 0.6
          },
          {
            "db": "APPLE",
            "id": "APPLE-SA-2008-10-09",
            "trust": 0.6
          },
          {
            "db": "MANDRIVA",
            "id": "MDVSA-2008:211",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "70829",
            "trust": 0.2
          },
          {
            "db": "EXPLOIT-DB",
            "id": "32470",
            "trust": 0.1
          },
          {
            "db": "SEEBUG",
            "id": "SSVID-85754",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-33766",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "70974",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "38388",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "71087",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "70839",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "72870",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "ZDI",
            "id": "ZDI-08-067"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33766"
          },
          {
            "db": "BID",
            "id": "31688"
          },
          {
            "db": "BID",
            "id": "31681"
          },
          {
            "db": "PACKETSTORM",
            "id": "70974"
          },
          {
            "db": "PACKETSTORM",
            "id": "70829"
          },
          {
            "db": "PACKETSTORM",
            "id": "38388"
          },
          {
            "db": "PACKETSTORM",
            "id": "71087"
          },
          {
            "db": "PACKETSTORM",
            "id": "70839"
          },
          {
            "db": "PACKETSTORM",
            "id": "72870"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-160"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001826"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3641"
          }
        ]
      },
      "id": "VAR-200810-0138",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-33766"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T23:15:18.511000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "HT3216",
            "trust": 1.5,
            "url": "http://support.apple.com/kb/HT3216"
          },
          {
            "title": "HT3216",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT3216?viewlocale=ja_JP"
          },
          {
            "title": "cups-1.2.4-11.18.2.1AXS3",
            "trust": 0.8,
            "url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=354"
          },
          {
            "title": "STR #2911",
            "trust": 0.8,
            "url": "http://www.cups.org/str.php?L2911"
          },
          {
            "title": "1352",
            "trust": 0.8,
            "url": "http://www.miraclelinux.com/update/linux/list.php?errata_id=1352"
          },
          {
            "title": "RHSA-2008:0937",
            "trust": 0.8,
            "url": "http://rhn.redhat.com/errata/RHSA-2008-0937.html"
          },
          {
            "title": "TLSA-2008-43",
            "trust": 0.8,
            "url": "http://www.turbolinux.com/security/2008/TLSA-2008-43.txt"
          },
          {
            "title": "RHSA-2008:0937",
            "trust": 0.8,
            "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2008-0937J.html"
          },
          {
            "title": "TLSA-2008-43",
            "trust": 0.8,
            "url": "http://www.turbolinux.co.jp/security/2008/TLSA-2008-43j.txt"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-08-067"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001826"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-399",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-33766"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001826"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3641"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 3.1,
            "url": "http://support.apple.com/kb/ht3216"
          },
          {
            "trust": 2.5,
            "url": "http://www.securityfocus.com/bid/31688"
          },
          {
            "trust": 2.5,
            "url": "http://www.securitytracker.com/id?1021031"
          },
          {
            "trust": 2.5,
            "url": "http://secunia.com/advisories/32084"
          },
          {
            "trust": 2.5,
            "url": "http://secunia.com/advisories/32222"
          },
          {
            "trust": 2.5,
            "url": "http://secunia.com/advisories/32226"
          },
          {
            "trust": 2.0,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2008-470.htm"
          },
          {
            "trust": 2.0,
            "url": "http://www.cups.org/str.php?l2911"
          },
          {
            "trust": 1.8,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-08-067"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2008/oct/msg00001.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/31681"
          },
          {
            "trust": 1.7,
            "url": "http://www.debian.org/security/2008/dsa-1656"
          },
          {
            "trust": 1.7,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-october/msg00331.html"
          },
          {
            "trust": 1.7,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-october/msg00380.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200812-11.xml"
          },
          {
            "trust": 1.7,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:211"
          },
          {
            "trust": 1.7,
            "url": "http://www.redhat.com/support/errata/rhsa-2008-0937.html"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/32284"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/32292"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/32316"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/33085"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/33111"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/33568"
          },
          {
            "trust": 1.7,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-261088-1"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.vupen.com/english/advisories/2009/1568"
          },
          {
            "trust": 1.4,
            "url": "http://www.cups.org/articles.php?l575"
          },
          {
            "trust": 1.4,
            "url": "http://www.frsirt.com/english/advisories/2008/2782"
          },
          {
            "trust": 1.4,
            "url": "http://www.frsirt.com/english/advisories/2008/2780"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/497221/100/0/threaded"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9666"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/32331"
          },
          {
            "trust": 1.1,
            "url": "https://usn.ubuntu.com/656-1/"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2780"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2782"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/3401"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45779"
          },
          {
            "trust": 1.0,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3641"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/15895/"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/15852/"
          },
          {
            "trust": 0.8,
            "url": "http://www.hardened-php.net/advisory-022005.php"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15861/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15862/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15884/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15883/"
          },
          {
            "trust": 0.8,
            "url": "http://news.postnuke.com/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=2699"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15855/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15810/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15872/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/15922/"
          },
          {
            "trust": 0.8,
            "url": "http://securitytracker.com/alerts/2005/jun/1014327.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.gulftech.org/?node=research\u0026article_id=00088-07022005"
          },
          {
            "trust": 0.8,
            "url": "http://www.gulftech.org/?node=research\u0026article_id=00087-07012005"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/14088"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3641"
          },
          {
            "trust": 0.6,
            "url": "http://www.apple.com/macosx/"
          },
          {
            "trust": 0.6,
            "url": "http://cups.org/articles.php?l575"
          },
          {
            "trust": 0.6,
            "url": "http://xforce.iss.net/xforce/xfdb/45779"
          },
          {
            "trust": 0.6,
            "url": "http://www.ubuntulinux.org/support/documentation/usn/usn-656-1"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/archive/1/archive/1/497221/100/0/threaded"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2008/3401"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-3641"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-3639"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-3640"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-261088-1"
          },
          {
            "trust": 0.3,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-08-067/"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3639"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3640"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.11_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.11_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.2-1ubuntu7.8_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.8-0ubuntu8.6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.8-0ubuntu8.6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.8-0ubuntu8.6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1722"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.11_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.2.8-0ubuntu8.6_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.8-0ubuntu8.6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.2-1ubuntu7.8_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.2-1ubuntu7.8_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.2-1ubuntu7.8_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.2-1ubuntu7.8_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.11_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.8-0ubuntu8.6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.2-1ubuntu7.8_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.8-0ubuntu8.6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.7-1ubuntu3.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.2-1ubuntu7.8_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.11.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.8-0ubuntu8.6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.11_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.11_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.11_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.2-1ubuntu7.8_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
          },
          {
            "trust": 0.1,
            "url": "http://www.tippingpoint.com"
          },
          {
            "trust": 0.1,
            "url": "http://www.zerodayinitiative.com"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/3699/"
          },
          {
            "trust": 0.1,
            "url": "http://sourceforge.net/project/showfiles.php?group_id=66479"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_vacancies/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/about_secunia_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-gnutls10_1.2.7-4etch5_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-common_1.2.7-4etch5_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-bsd_1.2.7-4etch5_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2_1.2.7-4etch5_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-dbg_1.2.7-4etch5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2-dev_1.2.7-4etch5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys_1.2.7-4etch5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsys2-dev_1.2.7-4etch5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://packages.debian.org/\u003cpkg\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/cupsys-client_1.2.7-4etch5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/c/cupsys/libcupsimage2_1.2.7-4etch5_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/advisories"
          },
          {
            "trust": 0.1,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          },
          {
            "trust": 0.1,
            "url": "http://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-5286"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-5286"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-200812-11.xml"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          },
          {
            "db": "ZDI",
            "id": "ZDI-08-067"
          },
          {
            "db": "VULHUB",
            "id": "VHN-33766"
          },
          {
            "db": "BID",
            "id": "31688"
          },
          {
            "db": "BID",
            "id": "31681"
          },
          {
            "db": "PACKETSTORM",
            "id": "70974"
          },
          {
            "db": "PACKETSTORM",
            "id": "70829"
          },
          {
            "db": "PACKETSTORM",
            "id": "38388"
          },
          {
            "db": "PACKETSTORM",
            "id": "71087"
          },
          {
            "db": "PACKETSTORM",
            "id": "70839"
          },
          {
            "db": "PACKETSTORM",
            "id": "72870"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-160"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001826"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3641"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#442845",
            "ident": null
          },
          {
            "db": "ZDI",
            "id": "ZDI-08-067",
            "ident": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-33766",
            "ident": null
          },
          {
            "db": "BID",
            "id": "31688",
            "ident": null
          },
          {
            "db": "BID",
            "id": "31681",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "70974",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "70829",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "38388",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "71087",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "70839",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "72870",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-160",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001826",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2008-3641",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2005-07-06T00:00:00",
            "db": "CERT/CC",
            "id": "VU#442845",
            "ident": null
          },
          {
            "date": "2008-10-09T00:00:00",
            "db": "ZDI",
            "id": "ZDI-08-067",
            "ident": null
          },
          {
            "date": "2008-10-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-33766",
            "ident": null
          },
          {
            "date": "2008-10-09T00:00:00",
            "db": "BID",
            "id": "31688",
            "ident": null
          },
          {
            "date": "2008-10-09T00:00:00",
            "db": "BID",
            "id": "31681",
            "ident": null
          },
          {
            "date": "2008-10-16T00:26:26",
            "db": "PACKETSTORM",
            "id": "70974",
            "ident": null
          },
          {
            "date": "2008-10-11T18:39:14",
            "db": "PACKETSTORM",
            "id": "70829",
            "ident": null
          },
          {
            "date": "2005-07-01T23:31:00",
            "db": "PACKETSTORM",
            "id": "38388",
            "ident": null
          },
          {
            "date": "2008-10-21T00:23:21",
            "db": "PACKETSTORM",
            "id": "71087",
            "ident": null
          },
          {
            "date": "2008-10-11T19:00:49",
            "db": "PACKETSTORM",
            "id": "70839",
            "ident": null
          },
          {
            "date": "2008-12-10T23:04:12",
            "db": "PACKETSTORM",
            "id": "72870",
            "ident": null
          },
          {
            "date": "2007-05-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200810-160",
            "ident": null
          },
          {
            "date": "2008-11-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001826",
            "ident": null
          },
          {
            "date": "2008-10-10T10:30:03.077000",
            "db": "NVD",
            "id": "CVE-2008-3641",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2007-03-09T00:00:00",
            "db": "CERT/CC",
            "id": "VU#442845",
            "ident": null
          },
          {
            "date": "2008-10-09T00:00:00",
            "db": "ZDI",
            "id": "ZDI-08-067",
            "ident": null
          },
          {
            "date": "2018-10-11T00:00:00",
            "db": "VULHUB",
            "id": "VHN-33766",
            "ident": null
          },
          {
            "date": "2015-05-07T17:05:00",
            "db": "BID",
            "id": "31688",
            "ident": null
          },
          {
            "date": "2009-03-24T16:56:00",
            "db": "BID",
            "id": "31681",
            "ident": null
          },
          {
            "date": "2009-06-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200810-160",
            "ident": null
          },
          {
            "date": "2008-12-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001826",
            "ident": null
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2008-3641",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "70974"
          },
          {
            "db": "PACKETSTORM",
            "id": "70829"
          },
          {
            "db": "PACKETSTORM",
            "id": "72870"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-160"
          }
        ],
        "trust": 0.9
      },
      "title": {
        "_id": null,
        "data": "Multiple PHP XML-RPC implementations vulnerable to code injection",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#442845"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "resource management error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200810-160"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201302-0305

    Vulnerability from variot - Updated: 2026-04-10 23:13

    Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2013-0642 , CVE-2013-0645 , CVE-2013-1365 , CVE-2013-1366 , CVE-2013-1367 , CVE-2013-1368 , CVE-2013-1370 , CVE-2013-1372 ,and CVE-2013-1373 Is a different vulnerability.An attacker could execute arbitrary code. Note: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2013:0254-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html Issue date: 2013-02-13 CVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 CVE-2013-1373 CVE-2013-1374 =====================================================================

    1. Summary:

    An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.

    The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

    1. Description:

    The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB13-05, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. (CVE-2013-0638, CVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647, CVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)

    A flaw in flash-plugin could allow an attacker to obtain sensitive information if a victim were tricked into visiting a specially-crafted web page.

    1. Solution:

    Before applying this update, make sure all previously-released errata relevant to your system have been applied.

    This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258

    1. Bugs fixed (http://bugzilla.redhat.com/):

    910570 - flash-plugin: multiple code execution flaws (APSB13-05) 910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)

    1. Package List:

    Red Hat Enterprise Linux Desktop Supplementary (v. 5):

    i386: flash-plugin-11.2.202.270-1.el5.i386.rpm

    x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm

    Red Hat Enterprise Linux Server Supplementary (v. 5):

    i386: flash-plugin-11.2.202.270-1.el5.i386.rpm

    x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm

    Red Hat Enterprise Linux Desktop Supplementary (v. 6):

    i386: flash-plugin-11.2.202.270-1.el6.i686.rpm

    x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm

    Red Hat Enterprise Linux Server Supplementary (v. 6):

    i386: flash-plugin-11.2.202.270-1.el6.i686.rpm

    x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm

    Red Hat Enterprise Linux Workstation Supplementary (v. 6):

    i386: flash-plugin-11.2.202.270-1.el6.i686.rpm

    x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

    1. References:

    https://www.redhat.com/security/data/cve/CVE-2013-0637.html https://www.redhat.com/security/data/cve/CVE-2013-0638.html https://www.redhat.com/security/data/cve/CVE-2013-0639.html https://www.redhat.com/security/data/cve/CVE-2013-0642.html https://www.redhat.com/security/data/cve/CVE-2013-0644.html https://www.redhat.com/security/data/cve/CVE-2013-0645.html https://www.redhat.com/security/data/cve/CVE-2013-0647.html https://www.redhat.com/security/data/cve/CVE-2013-0649.html https://www.redhat.com/security/data/cve/CVE-2013-1365.html https://www.redhat.com/security/data/cve/CVE-2013-1366.html https://www.redhat.com/security/data/cve/CVE-2013-1367.html https://www.redhat.com/security/data/cve/CVE-2013-1368.html https://www.redhat.com/security/data/cve/CVE-2013-1369.html https://www.redhat.com/security/data/cve/CVE-2013-1370.html https://www.redhat.com/security/data/cve/CVE-2013-1372.html https://www.redhat.com/security/data/cve/CVE-2013-1373.html https://www.redhat.com/security/data/cve/CVE-2013-1374.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb13-05.html

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)

    iD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs pnyD10c/hdKGIm0b1Kjv3eY= =+cgh -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .

    Background

    The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.

    Impact

    A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Adobe Flash Player users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"

    References

    [ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201309-06.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------

    The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/


    TITLE: Adobe Flash Player / AIR Multiple Vulnerabilities

    SECUNIA ADVISORY ID: SA52166

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52166/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52166

    RELEASE DATE: 2013-02-12

    DISCUSS ADVISORY: http://secunia.com/advisories/52166/#comments

    AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

    http://secunia.com/advisories/52166/

    ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

    https://ca.secunia.com/?page=viewadvisory&vuln_id=52166

    ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

    http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

    DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player and AIR, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.

    1) Some unspecified errors can be exploited to cause buffer overflows.

    2) Some use-after-free errors can be exploited to dereference already freed memory.

    4) An unspecified error can be exploited to corrupt memory.

    5) An unspecified error can be exploited to corrupt memory.

    6) An unspecified error can be exploited to disclose certain sensitive information.

    Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    PROVIDED AND/OR DISCOVERED BY: 1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna, Google 3) The vendor credits Natalie Silvanovich, BlackBerry Security, Research in Motion 4) The vendor credits Damian Put via iDefense 6) Reported by the vendor.

    ORIGINAL ADVISORY: Adobe (APSB13-05): http://www.adobe.com/support/security/bulletins/apsb13-05.html

    OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


    About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.3.183.61"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.6.602.168"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.6"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "3.6.0.599"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.6.602.167"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.1.115.47"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.3.183.63"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.1.111.43"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.2.202.270"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "3.6.0.597"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "google",
            "version": ")"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "android)"
          },
          {
            "_id": null,
            "model": "windows",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "macintosh"
          },
          {
            "_id": null,
            "model": "flash player for android",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(android 4.x)"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "android)"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.6.602.167"
          },
          {
            "_id": null,
            "model": "internet explorer",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "10 (adobe flash player 11.6.602.167"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "10.3.183.61"
          },
          {
            "_id": null,
            "model": "flash player for android",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(android 2.x    3.x)"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.x (linux)"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "macintosh"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.6.602.168"
          },
          {
            "_id": null,
            "model": "flash player for android",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.1.115.47"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(windows"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.x (windows)"
          },
          {
            "_id": null,
            "model": "windows server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "2012 (adobe flash player 11.6.602.167"
          },
          {
            "_id": null,
            "model": "flash player for android",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.1.111.43"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "3.6.0.597"
          },
          {
            "_id": null,
            "model": "internet explorer",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.2.202.270"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(air for ios include ) (windows"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "3.6.0.599"
          },
          {
            "_id": null,
            "model": "windows 8",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "for 64-bit systems (adobe flash player 11.6.602.167"
          },
          {
            "_id": null,
            "model": "windows server",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "10.3.183.63"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(macintosh    linux)"
          },
          {
            "_id": null,
            "model": "windows 8",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "for 32-bit systems (adobe flash player 11.6.602.167"
          },
          {
            "_id": null,
            "model": "windows 8",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "windows",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "rt (adobe flash player 11.6.602.167"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(windows)"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.x (macintosh)"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "google",
            "version": "(windows/linux/macintosh : adobe flash player 11.6.602.167"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.186.7"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.183.15"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.183.5"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.183.43"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.183.19"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.183.10"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.181.34"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.181.22"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.185.24"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.181.26"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "12.1"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11.4"
          },
          {
            "_id": null,
            "model": "hat enterprise linux workstation supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux supplementary server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop supplementary client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "57918"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-177"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001471"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-1369"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:google:chrome",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:adobe_air",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:adobe_air_sdk",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:flash_player",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:flash_player_for_android",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:microsoft:internet_explorer",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_8",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_server",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001471"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna of the Google Security Team",
        "sources": [
          {
            "db": "BID",
            "id": "57918"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2013-1369",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2013-1369",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-61371",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2013-1369",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2013-1369",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201302-177",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-61371",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-61371"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-177"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001471"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-1369"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2013-0642 , CVE-2013-0645 , CVE-2013-1365 , CVE-2013-1366 , CVE-2013-1367 , CVE-2013-1368 , CVE-2013-1370 , CVE-2013-1372 ,and CVE-2013-1373 Is a different vulnerability.An attacker could execute arbitrary code. \nNote: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Critical: flash-plugin security update\nAdvisory ID:       RHSA-2013:0254-01\nProduct:           Red Hat Enterprise Linux Extras\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2013-0254.html\nIssue date:        2013-02-13\nCVE Names:         CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 \n                   CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 \n                   CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 \n                   CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 \n                   CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 \n                   CVE-2013-1373 CVE-2013-1374 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB13-05,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. (CVE-2013-0638,\nCVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647,\nCVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368,\nCVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)\n\nA flaw in flash-plugin could allow an attacker to obtain sensitive\ninformation if a victim were tricked into visiting a specially-crafted web\npage. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n910570 - flash-plugin: multiple code execution flaws (APSB13-05)\n910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-0637.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0638.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0639.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0642.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0644.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0645.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0647.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0649.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1365.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1366.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1367.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1368.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1369.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1370.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1372.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1373.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1374.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e.  More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs\npnyD10c/hdKGIm0b1Kjv3eY=\n=+cgh\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[   1 ] CVE-2012-5248\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[   2 ] CVE-2012-5248\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[   3 ] CVE-2012-5249\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[   4 ] CVE-2012-5249\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[   5 ] CVE-2012-5250\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[   6 ] CVE-2012-5250\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[   7 ] CVE-2012-5251\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[   8 ] CVE-2012-5251\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[   9 ] CVE-2012-5252\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[  10 ] CVE-2012-5252\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[  11 ] CVE-2012-5253\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[  12 ] CVE-2012-5253\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[  13 ] CVE-2012-5254\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[  14 ] CVE-2012-5254\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[  15 ] CVE-2012-5255\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[  16 ] CVE-2012-5255\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[  17 ] CVE-2012-5256\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[  18 ] CVE-2012-5256\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[  19 ] CVE-2012-5257\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[  20 ] CVE-2012-5257\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[  21 ] CVE-2012-5258\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[  22 ] CVE-2012-5258\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[  23 ] CVE-2012-5259\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[  24 ] CVE-2012-5259\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[  25 ] CVE-2012-5260\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[  26 ] CVE-2012-5260\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[  27 ] CVE-2012-5261\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[  28 ] CVE-2012-5261\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[  29 ] CVE-2012-5262\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[  30 ] CVE-2012-5262\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[  31 ] CVE-2012-5263\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[  32 ] CVE-2012-5263\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[  33 ] CVE-2012-5264\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[  34 ] CVE-2012-5264\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[  35 ] CVE-2012-5265\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[  36 ] CVE-2012-5265\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[  37 ] CVE-2012-5266\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[  38 ] CVE-2012-5266\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[  39 ] CVE-2012-5267\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[  40 ] CVE-2012-5267\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[  41 ] CVE-2012-5268\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[  42 ] CVE-2012-5268\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[  43 ] CVE-2012-5269\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[  44 ] CVE-2012-5269\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[  45 ] CVE-2012-5270\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[  46 ] CVE-2012-5270\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[  47 ] CVE-2012-5271\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[  48 ] CVE-2012-5271\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[  49 ] CVE-2012-5272\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[  50 ] CVE-2012-5272\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[  51 ] CVE-2012-5274\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[  52 ] CVE-2012-5275\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[  53 ] CVE-2012-5276\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[  54 ] CVE-2012-5277\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[  55 ] CVE-2012-5278\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[  56 ] CVE-2012-5279\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[  57 ] CVE-2012-5280\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[  58 ] CVE-2012-5676\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[  59 ] CVE-2012-5677\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[  60 ] CVE-2012-5678\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[  61 ] CVE-2013-0504\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[  62 ] CVE-2013-0630\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[  63 ] CVE-2013-0633\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[  64 ] CVE-2013-0634\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[  65 ] CVE-2013-0637\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[  66 ] CVE-2013-0638\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[  67 ] CVE-2013-0639\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[  68 ] CVE-2013-0642\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[  69 ] CVE-2013-0643\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[  70 ] CVE-2013-0644\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[  71 ] CVE-2013-0645\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[  72 ] CVE-2013-0646\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[  73 ] CVE-2013-0647\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[  74 ] CVE-2013-0648\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[  75 ] CVE-2013-0649\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[  76 ] CVE-2013-0650\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[  77 ] CVE-2013-1365\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[  78 ] CVE-2013-1366\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[  79 ] CVE-2013-1367\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[  80 ] CVE-2013-1368\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[  81 ] CVE-2013-1369\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[  82 ] CVE-2013-1370\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[  83 ] CVE-2013-1371\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[  84 ] CVE-2013-1372\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[  85 ] CVE-2013-1373\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[  86 ] CVE-2013-1374\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[  87 ] CVE-2013-1375\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[  88 ] CVE-2013-1378\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[  89 ] CVE-2013-1379\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[  90 ] CVE-2013-1380\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[  91 ] CVE-2013-2555\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[  92 ] CVE-2013-2728\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[  93 ] CVE-2013-3343\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[  94 ] CVE-2013-3344\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[  95 ] CVE-2013-3345\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[  96 ] CVE-2013-3347\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[  97 ] CVE-2013-3361\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[  98 ] CVE-2013-3362\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[  99 ] CVE-2013-3363\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player / AIR Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA52166\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/52166/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nRELEASE DATE:\n2013-02-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/52166/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/52166/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Flash Player and\nAIR, which can be exploited by malicious people to disclose certain\nsensitive information and compromise a user\u0027s system. \n\n1) Some unspecified errors can be exploited to cause buffer\noverflows. \n\n2) Some use-after-free errors can be exploited to dereference already\nfreed memory. \n\n4) An unspecified error can be exploited to corrupt memory. \n\n5) An unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to disclose certain\nsensitive information. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and\nFermin Serna, Google\n3) The vendor credits Natalie Silvanovich, BlackBerry Security,\nResearch in Motion\n4) The vendor credits Damian Put via iDefense\n6) Reported by the vendor. \n\nORIGINAL ADVISORY:\nAdobe (APSB13-05):\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-1369"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001471"
          },
          {
            "db": "BID",
            "id": "57918"
          },
          {
            "db": "VULHUB",
            "id": "VHN-61371"
          },
          {
            "db": "PACKETSTORM",
            "id": "120268"
          },
          {
            "db": "PACKETSTORM",
            "id": "123225"
          },
          {
            "db": "PACKETSTORM",
            "id": "120239"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2013-1369",
            "trust": 3.0
          },
          {
            "db": "USCERT",
            "id": "TA13-043A",
            "trust": 1.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001471",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-177",
            "trust": 0.7
          },
          {
            "db": "SECUNIA",
            "id": "52166",
            "trust": 0.7
          },
          {
            "db": "SECUNIA",
            "id": "52164",
            "trust": 0.6
          },
          {
            "db": "SECUNIA",
            "id": "52197",
            "trust": 0.6
          },
          {
            "db": "SECUNIA",
            "id": "52203",
            "trust": 0.6
          },
          {
            "db": "SECUNIA",
            "id": "52163",
            "trust": 0.6
          },
          {
            "db": "BID",
            "id": "57918",
            "trust": 0.4
          },
          {
            "db": "VULHUB",
            "id": "VHN-61371",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "120268",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "123225",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "120239",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-61371"
          },
          {
            "db": "BID",
            "id": "57918"
          },
          {
            "db": "PACKETSTORM",
            "id": "120268"
          },
          {
            "db": "PACKETSTORM",
            "id": "123225"
          },
          {
            "db": "PACKETSTORM",
            "id": "120239"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-177"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001471"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-1369"
          }
        ]
      },
      "id": "VAR-201302-0305",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-61371"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T23:13:02.295000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "APSB13-05",
            "trust": 0.8,
            "url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
          },
          {
            "title": "APSB13-05 (cq02121817)",
            "trust": 0.8,
            "url": "http://helpx.adobe.com/jp/flash-player/kb/cq02121817.html"
          },
          {
            "title": "Google Chrome",
            "trust": 0.8,
            "url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
          },
          {
            "title": "Stable Channel Update",
            "trust": 0.8,
            "url": "http://googlechromereleases.blogspot.jp/2013/02/stable-channel-update_12.html"
          },
          {
            "title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
            "trust": 0.8,
            "url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
          },
          {
            "title": "openSUSE-SU-2013:0295",
            "trust": 0.8,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
          },
          {
            "title": "SUSE-SU-2013:0296",
            "trust": 0.8,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
          },
          {
            "title": "openSUSE-SU-2013:0298",
            "trust": 0.8,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
          },
          {
            "title": "RHSA-2013:0254",
            "trust": 0.8,
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0254.html"
          },
          {
            "title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
            "trust": 0.8,
            "url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
          },
          {
            "title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
            "trust": 0.8,
            "url": "http://www.fmworld.net/biz/common/adobe/20130214f.html"
          },
          {
            "title": "install_flash_player_11_linux.i386",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=45304"
          },
          {
            "title": "install_flash_player_osx",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=45303"
          },
          {
            "title": "install_flashplayer11x32_mssd_aih",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=45302"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-177"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001471"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-61371"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001471"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-1369"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.2,
            "url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
          },
          {
            "trust": 1.9,
            "url": "http://www.us-cert.gov/cas/techalerts/ta13-043a.html"
          },
          {
            "trust": 1.2,
            "url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1369"
          },
          {
            "trust": 0.8,
            "url": "http://www.ipa.go.jp/security/ciadr/vul/20130213-adobeflashplayer.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.jpcert.or.jp/at/2013/at130010.txt"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta13-043a"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1369"
          },
          {
            "trust": 0.8,
            "url": "http://www.npa.go.jp/cyberpolice/topics/?seq=10777"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/52163"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/52164"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/52166"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/52197"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/52203"
          },
          {
            "trust": 0.3,
            "url": "http://www.adobe.com/products/air/"
          },
          {
            "trust": 0.3,
            "url": "http://www.adobe.com/products/flash/"
          },
          {
            "trust": 0.3,
            "url": "http://btsc.webapps.blackberry.com/btsc/viewdocument.do;jsessionid=a9881e951162efc516b6200542b62cc0?externalid=kb34774\u0026sliceid=1\u0026cmd=displaykc\u0026doctype=kc\u0026nocount=true\u0026vieweddocslisthelper=com.kanisa.a"
          },
          {
            "trust": 0.3,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0647.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0649.html"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#critical"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0644.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1373.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1366"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0647"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1374.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0638"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1370"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1373"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1367"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1368"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1372"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1368.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0645.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0639"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0642.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1365.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1372.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1374"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/knowledge/articles/11258"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0645"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1366.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1365"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1369.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0637.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0638.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0637"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0649"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0644"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/key/#package"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1367.html"
          },
          {
            "trust": 0.1,
            "url": "http://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1370.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0639.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0642"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1369"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/52166/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_intelligence/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/52166/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/blog/325/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-61371"
          },
          {
            "db": "BID",
            "id": "57918"
          },
          {
            "db": "PACKETSTORM",
            "id": "120268"
          },
          {
            "db": "PACKETSTORM",
            "id": "123225"
          },
          {
            "db": "PACKETSTORM",
            "id": "120239"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-177"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001471"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-1369"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-61371",
            "ident": null
          },
          {
            "db": "BID",
            "id": "57918",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "120268",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "123225",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "120239",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-177",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001471",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2013-1369",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2013-02-12T00:00:00",
            "db": "VULHUB",
            "id": "VHN-61371",
            "ident": null
          },
          {
            "date": "2013-02-12T00:00:00",
            "db": "BID",
            "id": "57918",
            "ident": null
          },
          {
            "date": "2013-02-13T19:12:55",
            "db": "PACKETSTORM",
            "id": "120268",
            "ident": null
          },
          {
            "date": "2013-09-14T15:19:13",
            "db": "PACKETSTORM",
            "id": "123225",
            "ident": null
          },
          {
            "date": "2013-02-12T06:40:24",
            "db": "PACKETSTORM",
            "id": "120239",
            "ident": null
          },
          {
            "date": "2013-02-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201302-177",
            "ident": null
          },
          {
            "date": "2013-02-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-001471",
            "ident": null
          },
          {
            "date": "2013-02-12T20:55:04.887000",
            "db": "NVD",
            "id": "CVE-2013-1369",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2018-12-06T00:00:00",
            "db": "VULHUB",
            "id": "VHN-61371",
            "ident": null
          },
          {
            "date": "2015-03-19T08:23:00",
            "db": "BID",
            "id": "57918",
            "ident": null
          },
          {
            "date": "2013-02-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201302-177",
            "ident": null
          },
          {
            "date": "2013-03-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-001471",
            "ident": null
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2013-1369",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-177"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Adobe Flash Player Vulnerable to buffer overflow",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001471"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-177"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201003-1075

    Vulnerability from variot - Updated: 2026-04-10 23:06

    Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3553. (DoS) There is a vulnerability that could result in a condition. This vulnerability is CVE-2009-3553 This vulnerability is due to an insufficient fix for .Interfering with service operation by a third party (DoS) It may be in a state. CUPS is prone to a denial-of-service vulnerability. NOTE: This issue is due to an incomplete fix for BID 37048 (CUPS File Descriptors Handling Remote Denial Of Service Vulnerability). A remote attacker can exploit this issue to crash the affected application, denying service to legitimate users. It is based on the Internet Printing Protocol and provides most PostScript and raster printer services. The way the cupsdDoSelect() function in the scheduler/select.c file of CUPS handles references in its file descriptor processing interface has a use-after-free error. A remote attacker can query the current print job list of a specific printer in a special way. Cause cupsd to crash. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


    Mandriva Linux Security Advisory MDVSA-2010:073-1 http://www.mandriva.com/security/


    Package : cups Date : April 14, 2010 Affected: 2010.0


    Problem Description:

    Multiple vulnerabilities has been found and corrected in cups:

    CUPS in does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site scripting (XSS) attacks and HTTP response splitting attacks via vectors related to (a) the product's web interface, (b) the configuration of the print system, and (c) the titles of printed jobs (CVE-2009-2820).

    The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with format string specifiers (CVE-2010-0393).

    The updated packages have been patched to correct these issues.

    Update:

    Packages for Mandriva Linux 2010.0 was missing with MDVSA-2010:073. This advisory provides packages for 2010.0 as well.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2820 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3553 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0302 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0393


    Updated Packages:

    Mandriva Linux 2010.0: ba3d43f654fd15aea9f81eadb57c3022 2010.0/i586/cups-1.4.1-12.1mdv2010.0.i586.rpm b1f275796b029190380e40ae23ae8ed0 2010.0/i586/cups-common-1.4.1-12.1mdv2010.0.i586.rpm 296b30522aa7c008767c6b285aa4b715 2010.0/i586/cups-serial-1.4.1-12.1mdv2010.0.i586.rpm b3abb3c2299c1cb32848c0ee5954eed8 2010.0/i586/libcups2-1.4.1-12.1mdv2010.0.i586.rpm d91c255a1e42e5988f1d8d2d94ffd369 2010.0/i586/libcups2-devel-1.4.1-12.1mdv2010.0.i586.rpm ba336d918bbe9d03cf4fa823293bfb37 2010.0/i586/php-cups-1.4.1-12.1mdv2010.0.i586.rpm c3aee001d1629963053f475a49b7cd5d 2010.0/SRPMS/cups-1.4.1-12.1mdv2010.0.src.rpm

    Mandriva Linux 2010.0/X86_64: 7c089025f467e5b366e57a15e85857ce 2010.0/x86_64/cups-1.4.1-12.1mdv2010.0.x86_64.rpm 0e0e4ad3a4d42022d22a88ee8568f8bf 2010.0/x86_64/cups-common-1.4.1-12.1mdv2010.0.x86_64.rpm cb7b4cadce5a174bbd4027f478b38c26 2010.0/x86_64/cups-serial-1.4.1-12.1mdv2010.0.x86_64.rpm 653bd25375281b919c6438e71052359d 2010.0/x86_64/lib64cups2-1.4.1-12.1mdv2010.0.x86_64.rpm 7bebd27fa6ce2aa5667d28fd7b06702e 2010.0/x86_64/lib64cups2-devel-1.4.1-12.1mdv2010.0.x86_64.rpm 34452fc88d7a16591eb653a32c6daa28 2010.0/x86_64/php-cups-1.4.1-12.1mdv2010.0.x86_64.rpm c3aee001d1629963053f475a49b7cd5d 2010.0/SRPMS/cups-1.4.1-12.1mdv2010.0.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

    gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

    You can view other update advisories for Mandriva Linux at:

    http://www.mandriva.com/security/advisories

    If you want to report vulnerabilities, please contact

    security_(at)_mandriva.com


    Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)

    iD8DBQFLxclfmqjQ0CJFipgRAmhmAJ4qtZ7GxqbmNOSfJeozcsqRCBvAsACg2vG+ NRt/ytxq5LWHwOAGFnOKnIw= =ayqT -----END PGP SIGNATURE----- . =========================================================== Ubuntu Security Notice USN-906-1 March 03, 2010 cups, cupsys vulnerabilities CVE-2009-3553, CVE-2010-0302, CVE-2010-0393 ===========================================================

    A security issue affects the following Ubuntu releases:

    Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 Ubuntu 9.10

    This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

    The problem can be corrected by upgrading your system to the following package versions:

    Ubuntu 6.06 LTS: cupsys 1.2.2-0ubuntu0.6.06.17 cupsys-client 1.2.2-0ubuntu0.6.06.17

    Ubuntu 8.04 LTS: cupsys 1.3.7-1ubuntu3.8 cupsys-client 1.3.7-1ubuntu3.8

    Ubuntu 8.10: cups 1.3.9-2ubuntu9.5 cups-client 1.3.9-2ubuntu9.5

    Ubuntu 9.04: cups 1.3.9-17ubuntu3.6 cups-client 1.3.9-17ubuntu3.6

    Ubuntu 9.10: cups 1.4.1-5ubuntu2.4 cups-client 1.4.1-5ubuntu2.4

    In general, a standard system upgrade is sufficient to effect the necessary changes.

    Details follow:

    It was discovered that the CUPS scheduler did not properly handle certain network operations. A local attacker could exploit this with a format-string vulnerability leading to a root privilege escalation. The default compiler options for Ubuntu 8.10, 9.04 and 9.10 should reduce this vulnerability to a denial of service. (CVE-2010-0393)

    Updated packages for Ubuntu 6.06 LTS:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17.diff.gz
      Size/MD5:   106482 26e1af0359723f0fe887019ea8973a7e
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17.dsc
      Size/MD5:     1061 400968d3ecf83db01f0a427f10f2998e
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz
      Size/MD5:  4070384 2c99b8aa4c8dc25c8a84f9c06aa52e3e
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.17_all.deb
      Size/MD5:      998 776cbf76de0fa4da83fa66cac2a2ee9c
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.17_amd64.deb
      Size/MD5:    36220 1a0b165edf4aaff4b063ef5ffb44aec3
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.17_amd64.deb
      Size/MD5:    81834 6fc3613d660d8193ef5bc8820a7241d9
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17_amd64.deb
      Size/MD5:  2289018 87d64d2f3a97289ad6b6db57d090ca2d
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.17_amd64.deb
      Size/MD5:     6090 85aeada029ad3c01ff7f1e18f9ea9cc2
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.17_amd64.deb
      Size/MD5:    77908 96e28918fdf830eb12336aadedf9f281
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.17_amd64.deb
      Size/MD5:    25740 85b73ffa3c93b1cca0f9421fdaa01cc3
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.17_amd64.deb
      Size/MD5:   130734 938995599b4be32a725528c80981fa78
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.17_i386.deb
      Size/MD5:    34766 47d4bdcf450f6d8d30206c35192f1b7d
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.17_i386.deb
      Size/MD5:    77930 e830a9300772160fb0a6748da948f246
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17_i386.deb
      Size/MD5:  2256104 bcfa53bda3ed0c1e50636e804af11055
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.17_i386.deb
      Size/MD5:     6094 34a470a2aaff3e3ab10eea29a1bd8200
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.17_i386.deb
      Size/MD5:    77022 ab3b5c283d4ec643297685c034f1073c
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.17_i386.deb
      Size/MD5:    25748 d5904841e833850731621090c1b88c8c
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.17_i386.deb
      Size/MD5:   122908 eb39cde640458c67403c00cfd65ea312
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.17_powerpc.deb
      Size/MD5:    40474 a47c9a5aad3feee3c9218d32e3f03f85
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.17_powerpc.deb
      Size/MD5:    89482 81e3f9ad6e8fe3cb3096b133bfb4fb5b
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17_powerpc.deb
      Size/MD5:  2303712 fffb516669489cf38ce5f410b58112af
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.17_powerpc.deb
      Size/MD5:     6092 8c6d3af926e6729378b1ba23508e3c6b
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.17_powerpc.deb
      Size/MD5:    79548 169e4c3351cf2ef0c99e478d8e2a3a46
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.17_powerpc.deb
      Size/MD5:    25740 f0d21ba1ea537495d3953a22999d1dd4
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.17_powerpc.deb
      Size/MD5:   128662 98b0c1483cc7021fff335da8d79c67c2
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.17_sparc.deb
      Size/MD5:    35388 1128a347e119ca9525784ed50da5d0ab
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.17_sparc.deb
      Size/MD5:    78684 596751675fee6063e59dab02e7b44543
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17_sparc.deb
      Size/MD5:  2289934 9bd77e6533b77678840172bcf285c157
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.17_sparc.deb
      Size/MD5:     6096 a11d49069913645b3a947d2dfa6f5f84
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.17_sparc.deb
      Size/MD5:    76832 c1049c92d30205b8032648dfbd90299c
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.17_sparc.deb
      Size/MD5:    25744 d2d1088e3744d305b6c90aca7eda4be0
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.17_sparc.deb
      Size/MD5:   124486 60a22b1cccb08eaab9847b9e87c59032
    

    Updated packages for Ubuntu 8.04 LTS:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8.diff.gz
      Size/MD5:   141577 5cb2a7055c83f2535e6704212c06ea0c
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8.dsc
      Size/MD5:     1442 d42e1f9c2424210f66acfaeb4ecf293a
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7.orig.tar.gz
      Size/MD5:  4700333 383e556d9841475847da6076c88da467
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.7-1ubuntu3.8_all.deb
      Size/MD5:  1144392 72c2295be929ac91622921b866586810
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.8_amd64.deb
      Size/MD5:    37522 606cf4d3db841e5c7699af8e6063d28a
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.8_amd64.deb
      Size/MD5:    90020 5494f76c3c0aff50e61b0e7065d4fc45
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8_amd64.deb
      Size/MD5:  1882420 fbf517a3c599b99d5ea8936c09f4a6d6
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.8_amd64.deb
      Size/MD5:    60800 2b3dd2ab96e425ab134602608f0d3530
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.8_amd64.deb
      Size/MD5:    50216 27fb4f492cc7bf62c01a275741d37011
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.8_amd64.deb
      Size/MD5:   345048 0525be5bc4dd045cd78a1b284f98398a
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.8_amd64.deb
      Size/MD5:   178536 a044522e561b9b3be73617a175cc399d
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.8_i386.deb
      Size/MD5:    36956 0507d5e834e622f33412109dcb260037
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.8_i386.deb
      Size/MD5:    88530 244e700f4596074b37c4b7acb984dacc
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8_i386.deb
      Size/MD5:  1864902 b6f438dea33b89a9f268d732d670faf1
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.8_i386.deb
      Size/MD5:    60090 e83c89c8fe55e2f2e79d424e4231f8a1
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.8_i386.deb
      Size/MD5:    49862 97abed0edb9dfbd42e8ba975c424e6d8
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.8_i386.deb
      Size/MD5:   339414 1e4250fd6c379296cfba76f67ab97465
    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.8_i386.deb
      Size/MD5:   175410 efdf295f468c419fd957e69f98fd715a
    

    lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.8_lpia.deb
      Size/MD5:    36660 58ce4787d4d5b43fdc762f21f06bb6bf
    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.8_lpia.deb
      Size/MD5:    88834 ea87ff5e386e37ddcd2a3678e85764e5
    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8_lpia.deb
      Size/MD5:  1867016 ba1534fcc9263b70868c4ed449529e25
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.8_lpia.deb
      Size/MD5:    60492 e06a5a3660f9967ec6e0040a486d7362
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.8_lpia.deb
      Size/MD5:    50808 ca0c034e3beff76b902c6471afbd7268
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.8_lpia.deb
      Size/MD5:   337072 bfaa21b082ce3052922a179d522213d4
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.8_lpia.deb
      Size/MD5:   174440 8e2dd41e1e07942ee0f53e05c608206a
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.8_powerpc.deb
      Size/MD5:    46932 a5d83468e8e0269a483c914230768ea3
    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.8_powerpc.deb
      Size/MD5:   110654 ec3d80099ccbaeb3f0929644f45bbd75
    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8_powerpc.deb
      Size/MD5:  1951280 f475ae7f5ae8ad00bc1ebd7c4634c3ae
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.8_powerpc.deb
      Size/MD5:    59922 cb7e8e802dfbe515260578f585ee4427
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.8_powerpc.deb
      Size/MD5:    54924 234a155df73c7ef047ac3c5c8b2e132a
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.8_powerpc.deb
      Size/MD5:   341760 1ada03ee442854916b34f267b1301407
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.8_powerpc.deb
      Size/MD5:   184292 e080a077141436e9837682cf5c6e56e1
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.8_sparc.deb
      Size/MD5:    38038 15aef403a65149edb1b6e3c87bbcf1e3
    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.8_sparc.deb
      Size/MD5:    91026 a4ade2e1d03f94b36122a5788f37cc97
    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8_sparc.deb
      Size/MD5:  1899806 de0f0a1899697c7add1960031257c51e
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.8_sparc.deb
      Size/MD5:    57822 c2af4acac6a11e98f72703a25b2ebdfc
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.8_sparc.deb
      Size/MD5:    48224 cf486639b2c6b6247afe109eb73e30d7
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.8_sparc.deb
      Size/MD5:   341494 8c21fd99687d9fd49fa97e6c4638338e
    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.8_sparc.deb
      Size/MD5:   174130 9c878b37d2afd35ee0b50c077490112e
    

    Updated packages for Ubuntu 8.10:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.5.diff.gz
      Size/MD5:   331097 6adf07d4858d39e6047a97c0a312901e
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.5.dsc
      Size/MD5:     2044 d77dce1f6e35cabbd18e84a7c7031b0d
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9.orig.tar.gz
      Size/MD5:  4809771 e6f2d90491ed050e5ff2104b617b88ea
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.3.9-2ubuntu9.5_all.deb
      Size/MD5:  1163190 5c0dee3c7fd7541494ff7dc348be8728
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-bsd_1.3.9-2ubuntu9.5_all.deb
      Size/MD5:    58560 74c932189d98c843872876adc83c989e
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-client_1.3.9-2ubuntu9.5_all.deb
      Size/MD5:    58568 0666bac83bfb1edcc37931ad25588204
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.3.9-2ubuntu9.5_all.deb
      Size/MD5:    58562 f524010f0aea453b001b084250bb7063
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys_1.3.9-2ubuntu9.5_all.deb
      Size/MD5:    58552 a55ec8b8772c680a7413afb1b069ee3e
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsys2-dev_1.3.9-2ubuntu9.5_all.deb
      Size/MD5:    58574 420d72079939829054f9bb7978375ecd
    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.3.9-2ubuntu9.5_all.deb
      Size/MD5:     4536 660fc4e6b26c050504a674aec5e0b8cd
    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/libcupsys2_1.3.9-2ubuntu9.5_all.deb
      Size/MD5:    58560 919055c4a196d7cfa5e93a3e73de24f9
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.5_amd64.deb
      Size/MD5:    37296 0640e7fff6aa2dbbc93a839f641e1da0
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.5_amd64.deb
      Size/MD5:   119772 fc950280a6a56b99486a29868c65bf9a
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.5_amd64.deb
      Size/MD5:  1688940 84c0da9c505411cd3cbee063687215fa
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.5_amd64.deb
      Size/MD5:  2174144 1bff27592c202999f0fd2705eeb8282e
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.5_amd64.deb
      Size/MD5:   352308 bcdc4e90a86a22e503cf20e492f57e0f
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.5_amd64.deb
      Size/MD5:   173636 d477c60212f8098b6e92c2b5ec0b7ee2
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.5_amd64.deb
      Size/MD5:    61320 35baa0391a49f0490f49a97d5c8d57d4
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.5_amd64.deb
      Size/MD5:    52322 d0caa49b4da1ea3ce447d2fa161d7394
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.5_i386.deb
      Size/MD5:    36226 1374ff5d461c4aafe2b57822f45c11c6
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.5_i386.deb
      Size/MD5:   115316 0a8d0a452e3cd7d37eb72a9b4bacd8c8
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.5_i386.deb
      Size/MD5:  1549000 468b48af21f437e2942d4b447d18d9ef
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.5_i386.deb
      Size/MD5:  2141316 d117bac8e26451e37827a62749d39b4d
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.5_i386.deb
      Size/MD5:   346096 26576542e0a94b17da8ddd971fbffa90
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.5_i386.deb
      Size/MD5:   170556 7739c110695754553926fad31463187f
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.5_i386.deb
      Size/MD5:    60538 5c5832067d06795cbab9e65a885ba240
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.5_i386.deb
      Size/MD5:    51720 e7d90e5e4eac150dfd205ac17b686cc8
    

    lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.5_lpia.deb
      Size/MD5:    36028 5bfdf3e87b3764eb20c0093fb1de1d3e
    http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.5_lpia.deb
      Size/MD5:   114504 a4f3e28e6eb86599111687a0f7235c45
    http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.5_lpia.deb
      Size/MD5:  1577892 6c0014be2e9e878679480239a494e917
    http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.5_lpia.deb
      Size/MD5:  2138164 0a4c78f2bda571599ecffc75dade8006
    http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.5_lpia.deb
      Size/MD5:   343092 df67f3a082314f41e14cdf97c35c4668
    http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.5_lpia.deb
      Size/MD5:   168874 dcdab1a3f91f1f2a91a20d01873545ba
    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.5_lpia.deb
      Size/MD5:    60626 27c5b3fec56fcb1d7215fd35dfa31ec1
    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.5_lpia.deb
      Size/MD5:    52394 5644013cd3dec455b6b6d88b4306d67d
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.5_powerpc.deb
      Size/MD5:    43566 986c0bd78d2fc4fb5ae76598b24b1a41
    http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.5_powerpc.deb
      Size/MD5:   138118 cc8ece0b9d10792ead1b7902924a6a81
    http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.5_powerpc.deb
      Size/MD5:  1669132 eefc44a29391bb799adc54b6cb412cf3
    http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.5_powerpc.deb
      Size/MD5:  2266096 b798bac78d4f645b90683b3a7901ff4d
    http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.5_powerpc.deb
      Size/MD5:   348056 e9100409aabe02a51ea9fd6c315ab5b6
    http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.5_powerpc.deb
      Size/MD5:   177934 9d812213782055304cc92b4b3ca69894
    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.5_powerpc.deb
      Size/MD5:    61266 7287aa743d0135c2d16bf29acf9cf915
    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.5_powerpc.deb
      Size/MD5:    57452 b132aaccd9bcf40dc9ae38783f69c6a6
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.5_sparc.deb
      Size/MD5:    37220 5399de66103270899259960bb9d61345
    http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.5_sparc.deb
      Size/MD5:   117550 80acdf6867e804b3aa00055737534b57
    http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.5_sparc.deb
      Size/MD5:  1496764 e434ccdce381acf459b8d387881057d9
    http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.5_sparc.deb
      Size/MD5:  2202892 bbe3b1587f55b0bd868ce5e6fd4a38e9
    http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.5_sparc.deb
      Size/MD5:   344914 8a6824c84362ffbf4f9846a65045354a
    http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.5_sparc.deb
      Size/MD5:   166792 2be506fc868b369e46cf9f9d5fe83e69
    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.5_sparc.deb
      Size/MD5:    57854 aef2dd0a14d3a8f01142d78e40ddcb67
    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.5_sparc.deb
      Size/MD5:    49804 8d12ec1a43df8c8c40f88082139d2785
    

    Updated packages for Ubuntu 9.04:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.6.diff.gz
      Size/MD5:   335789 4f5f61340c4875048c60d69f82dec645
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.6.dsc
      Size/MD5:     1995 e338a99e7a2e02a57415885e285f3bb1
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9.orig.tar.gz
      Size/MD5:  4809771 e6f2d90491ed050e5ff2104b617b88ea
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.3.9-17ubuntu3.6_all.deb
      Size/MD5:  1165632 9b0854975cf994bd9233d6469e777e01
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.3.9-17ubuntu3.6_all.deb
      Size/MD5:    60870 0e74155e761a4d852866bfdac0fb18fb
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsys2-dev_1.3.9-17ubuntu3.6_all.deb
      Size/MD5:    60876 ad4e2582235225612d6c14e65dbcba3d
    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-bsd_1.3.9-17ubuntu3.6_all.deb
      Size/MD5:    60868 636f7492dabc042d1bc7e11864b38df1
    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-client_1.3.9-17ubuntu3.6_all.deb
      Size/MD5:    60872 47806c56c4700090e125496e23d8529c
    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.3.9-17ubuntu3.6_all.deb
      Size/MD5:     4516 0e4d49c326db4af8add9edd88b561ad9
    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys_1.3.9-17ubuntu3.6_all.deb
      Size/MD5:    60856 09bb0b47cf251fde476503402b0d0518
    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/libcupsys2_1.3.9-17ubuntu3.6_all.deb
      Size/MD5:    60866 02b07214f91997c6b4f5d017aff0655e
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.6_amd64.deb
      Size/MD5:    37294 f14e9d6deb8a90dc55ba033dd6932f29
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.6_amd64.deb
      Size/MD5:   119756 b6d1f12fdca56879c84d177280535945
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.6_amd64.deb
      Size/MD5:  1664430 e0829de2955259a1169ca120f0a0a674
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.6_amd64.deb
      Size/MD5:  2170170 47904ff162f68734105645d802262448
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.6_amd64.deb
      Size/MD5:   352252 cff0030f199a0c96accc192e4168339c
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.6_amd64.deb
      Size/MD5:   177900 da8f57dc1c56c823d459c12b98e64d2a
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.6_amd64.deb
      Size/MD5:    61264 5deccf4e07529b9e4676a83a556cebde
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.6_amd64.deb
      Size/MD5:    52226 306d5a5075974aa902c7e10066420efa
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.6_i386.deb
      Size/MD5:    36230 5d95974ec58afa8d26b10d7b9c46a66b
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.6_i386.deb
      Size/MD5:   115278 9011610cdad6d618456f508e3fe02107
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.6_i386.deb
      Size/MD5:  1523946 660619a4cbb8df04bd81354ab6059f6c
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.6_i386.deb
      Size/MD5:  2136486 7f7dea27d4901a02daf9497bd242e2d9
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.6_i386.deb
      Size/MD5:   346068 67c31d2afa56164900bb916480386b79
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.6_i386.deb
      Size/MD5:   174416 c84631d45fd35facbf136270470844d4
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.6_i386.deb
      Size/MD5:    60498 31d407917c749a659835e23c99eef0bb
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.6_i386.deb
      Size/MD5:    51542 5026ab999fb97ac800bd185af3a8cff1
    

    lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.6_lpia.deb
      Size/MD5:    36022 952070683ed6130fbc8e5531e2142063
    http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.6_lpia.deb
      Size/MD5:   114500 977d5c00dc13327bc0c9bce453473388
    http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.6_lpia.deb
      Size/MD5:  1552094 4fecfb548b223615fc7ce88f8fb94264
    http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.6_lpia.deb
      Size/MD5:  2134028 8dad89838f050c4a375c01ab4b3b2559
    http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.6_lpia.deb
      Size/MD5:   343052 0139347ae444d4d9f0b9b1420ebfc04f
    http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.6_lpia.deb
      Size/MD5:   172714 406bb68cba379412650849ea003eb537
    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.6_lpia.deb
      Size/MD5:    60668 0a2993f0ac79fc4a91648991be1b0976
    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.6_lpia.deb
      Size/MD5:    52342 a501ebcafdf48300f5326632ce1b08b6
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.6_powerpc.deb
      Size/MD5:    43574 ae6a41699272fc0b360ba6555fd4e7ef
    http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.6_powerpc.deb
      Size/MD5:   138086 95d5d1551240a86de61f4472f8433d01
    http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.6_powerpc.deb
      Size/MD5:  1640174 24942cd5b3e82cb8f700880ace4cb40b
    http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.6_powerpc.deb
      Size/MD5:  2257684 78ff8dc9f337c46ade897f22092939af
    http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.6_powerpc.deb
      Size/MD5:   347984 9663f15cddd48aaa7d389ce1244aebc1
    http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.6_powerpc.deb
      Size/MD5:   183308 1d188a3ea31eaba68b620b8fece8fcd8
    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.6_powerpc.deb
      Size/MD5:    61306 56306bfa507550c07d02b820380e19c3
    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.6_powerpc.deb
      Size/MD5:    57406 be85c41fd62fcaf3a28107a1614146d4
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.6_sparc.deb
      Size/MD5:    37218 adeb034eaeadb51fd3723f382cab7b7c
    http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.6_sparc.deb
      Size/MD5:   117506 7a8039312accd4ce6be1596403616744
    http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.6_sparc.deb
      Size/MD5:  1468404 c3f80af2a2fc00c590562ea19e6fe9f2
    http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.6_sparc.deb
      Size/MD5:  2203876 b75a1f2918317d00cc1540014c42e8d0
    http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.6_sparc.deb
      Size/MD5:   344838 5976a1b94be50118b6ddcdc4b40de073
    http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.6_sparc.deb
      Size/MD5:   170236 262941bf660cc95765b72cf5aa13e14d
    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.6_sparc.deb
      Size/MD5:    57860 36426cde9ee4e2e2dc813ba4d0e98f19
    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.6_sparc.deb
      Size/MD5:    49702 590f4b45bf412b2f59d9ad4ea395754c
    

    Updated packages for Ubuntu 9.10:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.4.diff.gz
      Size/MD5:   414730 d1a0c764ccf1fedd4c3427c45d19a9ca
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.4.dsc
      Size/MD5:     2273 4a8ceed09060814e0cf5070412e06aae
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1.orig.tar.gz
      Size/MD5:  5287327 4dc8f431ef50752dfd61d9d4959abd06
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.4.1-5ubuntu2.4_all.deb
      Size/MD5:  1419910 5ccad7198ba64c4d2e487109d38baf6c
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.4.1-5ubuntu2.4_all.deb
      Size/MD5:    69572 33961e905c819b2d67c641fa0226596f
    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsddk_1.4.1-5ubuntu2.4_all.deb
      Size/MD5:    69534 04b34f17b2f23a24254d74d266121b10
    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-bsd_1.4.1-5ubuntu2.4_all.deb
      Size/MD5:    69562 f624d2fcb8549771cd920148ba2ace45
    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-client_1.4.1-5ubuntu2.4_all.deb
      Size/MD5:    69574 e0b8e717d5bd0740c7af047debb050f7
    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.4.1-5ubuntu2.4_all.deb
      Size/MD5:     4548 45c04ec4b5ef40e7b5a05b97cfff0821
    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys_1.4.1-5ubuntu2.4_all.deb
      Size/MD5:    69554 10ac2f07563d4eb693e27195b7778935
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.4_amd64.deb
      Size/MD5:    36708 60bcfe9509bf6c460a24b32f3dc22f3a
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.4_amd64.deb
      Size/MD5:   120258 31f336e66b77fdb68624eee6c3f6aa86
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.4_amd64.deb
      Size/MD5:    89636 f2300503230b0418b939bbf0acbddd50
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.4_amd64.deb
      Size/MD5:  1909456 70052df26d278ec8fbcb89e92801f59c
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.4_amd64.deb
      Size/MD5:   210406 50cf5e47fc69aa59dafcc51fd1ba7aca
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.4_amd64.deb
      Size/MD5:   218936 7f04aa35b965955b0c12566d18dd27bc
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.4_amd64.deb
      Size/MD5:   101856 80b6e20deaa9ec8006b6233daea025c4
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.4_amd64.deb
      Size/MD5:    31586 cac166753bfc5dad29293f69669402fe
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.4_amd64.deb
      Size/MD5:    90190 bdf93f96a315ba2313eb0bc86a24fa2b
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.4_amd64.deb
      Size/MD5:    22192 be5b0eba29c355d76aa86db66b328b8c
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.4_amd64.deb
      Size/MD5:    61528 bcfe65ac2cd9cfab070635f5ede4482b
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.4_amd64.deb
      Size/MD5:    53160 a3cff812c204698c97027c47a2a8032d
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.4_amd64.deb
      Size/MD5:    81196 7fdf8a14125aed96ba11cfad2df8450b
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.4_amd64.deb
      Size/MD5:    15492 406aa3da43f5949e6d062bf117a8656c
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.4_amd64.deb
      Size/MD5:   143032 c29bf3ee9e457b0096ada17948d85afb
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.4_amd64.deb
      Size/MD5:    60098 1cd00de7321f747b33a82c06bec69625
    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.4_amd64.deb
      Size/MD5:    34526 8a2d07f4f318a7fb578aef25a1fa106b
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.4_i386.deb
      Size/MD5:    35470 59752d8fe6b0ab6b4be4bc9553dd67fe
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.4_i386.deb
      Size/MD5:   115326 24a5ebd4c6b0c9932ec34481bdfc27fd
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.4_i386.deb
      Size/MD5:    88804 71f3cbd750cb6283dc29cdea5e7b8dd3
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.4_i386.deb
      Size/MD5:  1867476 93037d1769ff83d77a6da5ed93e82058
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.4_i386.deb
      Size/MD5:   199428 dc33c5038d26a0b76f1b694598c004a0
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.4_i386.deb
      Size/MD5:   213030 031bc59c14807b8d6c7347c2a3ba2e8c
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.4_i386.deb
      Size/MD5:   101048 e751022124d2496ac051280b70e75d88
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.4_i386.deb
      Size/MD5:    31376 133412f956a2808d74ae62bc73ca6c48
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.4_i386.deb
      Size/MD5:    90402 4c375adba3718768e98346d10ecfc2ed
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.4_i386.deb
      Size/MD5:    22060 6969c7f346d155095980d127763e205a
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.4_i386.deb
      Size/MD5:    60314 6d620c4a4380d7e65c2dcf147c7df896
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.4_i386.deb
      Size/MD5:    52412 6641e47022e889de1525eaf5c5305eca
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.4_i386.deb
      Size/MD5:    81106 7e3b8f7ddec3a8a5b8377b0234270268
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.4_i386.deb
      Size/MD5:    15206 fd9858648c9df78fae4a974955c0e475
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.4_i386.deb
      Size/MD5:   141568 1db2ce91ffedfa1bbde68b2756cfe389
    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.4_i386.deb
      Size/MD5:    61438 1299d9de795e485872507e21e42b20e5
    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.4_i386.deb
      Size/MD5:    32824 a7d8171d0f2888bb97f59387b5953db2
    

    lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.4_lpia.deb
      Size/MD5:    35442 dd26d3e196a3bc1880331dc3821cdbab
    http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.4_lpia.deb
      Size/MD5:   115178 76977be3cbcb0d5f4a22ada4071188e4
    http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.4_lpia.deb
      Size/MD5:    88774 6516931d5dce31c51b80f107a6c78f29
    http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.4_lpia.deb
      Size/MD5:  1865004 e482b421a57cc75b18d979de2e82fb7a
    http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.4_lpia.deb
      Size/MD5:   196772 061c86b147f9fdb980e7d40d8e84dabd
    http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.4_lpia.deb
      Size/MD5:   211440 13a330ef0e77a7f20f0e803140148905
    http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.4_lpia.deb
      Size/MD5:   100448 17f556fffdb82e83559268361e0eb53f
    http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.4_lpia.deb
      Size/MD5:    31206 27d0d62e0c989545ed7455f832eb2b25
    http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.4_lpia.deb
      Size/MD5:    89820 86176d7a6557617ff30aa83bcc875196
    http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.4_lpia.deb
      Size/MD5:    21778 e04668e8936e1d32e7e33414e570fcee
    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.4_lpia.deb
      Size/MD5:    59950 9569de467d24173a0c35b838fea647fc
    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.4_lpia.deb
      Size/MD5:    52576 582213e9cde03104f3c1795d06984197
    http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.4_lpia.deb
      Size/MD5:    81056 c1a6cca183116319ed1a095806cf1c8c
    http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.4_lpia.deb
      Size/MD5:    15304 21d41f59b097afbd27a12f7c9e877b32
    http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.4_lpia.deb
      Size/MD5:   141898 15553deba7c1e9c98136330e97b59119
    http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.4_lpia.deb
      Size/MD5:    62662 ecc362e334c91a0530c356b17e6a2641
    http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.4_lpia.deb
      Size/MD5:    33264 325a9170ecf6cd1dc9f955be9bbc1d24
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.4_powerpc.deb
      Size/MD5:    37006 3acbe062b83fdc269964eef5675a89c5
    http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.4_powerpc.deb
      Size/MD5:   121650 74995951c11f700b551f6c8ce2badb23
    http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.4_powerpc.deb
      Size/MD5:    89384 8f0ce2467cda194e493e87369aab765d
    http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.4_powerpc.deb
      Size/MD5:  1930866 ef1a8fd29f47f928b81c785730ce89d9
    http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.4_powerpc.deb
      Size/MD5:   203588 decd7de1cafe69b61d713988fe55af37
    http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.4_powerpc.deb
      Size/MD5:   223504 f60c1ea0858fd39961852c870c7fce49
    http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.4_powerpc.deb
      Size/MD5:   101020 c0ad517da1a8bc09ccf97903a3ded8c9
    http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.4_powerpc.deb
      Size/MD5:    33348 2424426af873cd4207b8226ebb8490c5
    http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.4_powerpc.deb
      Size/MD5:    89594 9e6125fb851403ef7e80f09840eaa89a
    http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.4_powerpc.deb
      Size/MD5:    22324 a4b8cbb7319e42721479d3092ef23f16
    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.4_powerpc.deb
      Size/MD5:    60618 01ffa1358e2fb0c5dd307cd8d135c14f
    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.4_powerpc.deb
      Size/MD5:    55376 fa276276aa683c19b9fc10bf65372347
    http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.4_powerpc.deb
      Size/MD5:    81558 c9060c3ec4eca6ae2ce532f44298e556
    http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.4_powerpc.deb
      Size/MD5:    15790 c857b043bf0bb4ff3dfc0db38de89f99
    http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.4_powerpc.deb
      Size/MD5:   141118 92099a9250e369378fe8287e556b21a7
    http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.4_powerpc.deb
      Size/MD5:    64954 b7da8579507c4db05cc78df34d289f76
    http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.4_powerpc.deb
      Size/MD5:    34790 964c7ecb9faa3a0b1a115a2a06a66e75
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.4_sparc.deb
      Size/MD5:    36068 7ab9b44191ad5078c5f63a521744ca23
    http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.4_sparc.deb
      Size/MD5:   117816 2be453254c5f80dc1c353acc62a3c443
    http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.4_sparc.deb
      Size/MD5:    89232 09f73b5d95d3248b5ecc0393036ddbff
    http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.4_sparc.deb
      Size/MD5:  1954238 7f4762af124ba5e650569b6fa2fbb5c7
    http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.4_sparc.deb
      Size/MD5:   201516 730d6a0e1428a7165e01a565cc810d8a
    http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.4_sparc.deb
      Size/MD5:   210594 4f16bfe7a76a1c9cb137401290c4f5c1
    http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.4_sparc.deb
      Size/MD5:   102698 fe023955fc4e93236d2ff46b685bc32b
    http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.4_sparc.deb
      Size/MD5:    31560 4be671eb7500d06a1f949df0d92086e7
    http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.4_sparc.deb
      Size/MD5:    89804 3e5dbcf536bc2be0435561b4997c796e
    http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.4_sparc.deb
      Size/MD5:    21380 fce9fff2a5bc990ae97cd67569805789
    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.4_sparc.deb
      Size/MD5:    58150 e5a43b39220105101c69480fa63075f5
    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.4_sparc.deb
      Size/MD5:    50290 1cf2e270243b8f0a6cc56405a8c5bd94
    http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.4_sparc.deb
      Size/MD5:    80330 fd1073834591fd282edc82e516d7e533
    http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.4_sparc.deb
      Size/MD5:    14380 e00615f5e33b445f214fd1205b1948cb
    http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.4_sparc.deb
      Size/MD5:   144322 85692c2dcfd49bb0c0e0aad28ccb670c
    http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.4_sparc.deb
      Size/MD5:    61450 c809cd1adf184af7e35e60fa9c9c55e3
    http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.4_sparc.deb
      Size/MD5:    33858 2bddab9378a2a4e3938ce6ed39dc807e
    

    . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201207-10


                                            http://security.gentoo.org/
    

    Severity: High Title: CUPS: Multiple vulnerabilities Date: July 09, 2012 Bugs: #295256, #308045, #325551, #380771 ID: 201207-10


    Synopsis

    Multiple vulnerabilities have been found in CUPS, some of which may allow execution of arbitrary code or local privilege escalation.

    Background

    CUPS, the Common Unix Printing System, is a full-featured print server.

    Affected packages

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
    

    1 net-print/cups < 1.4.8-r1 >= 1.4.8-r1

    Description

    Multiple vulnerabilities have been discovered in CUPS. Please review the CVE identifiers referenced below for details.

    Impact

    A remote attacker may be able to execute arbitrary code using specially crafted streams, IPP requests or files, or cause a Denial of Service (daemon crash or hang). A local attacker may be able to gain escalated privileges or overwrite arbitrary files. Furthermore, a remote attacker may be able to obtain sensitive information from the CUPS process or hijack a CUPS administrator authentication request.

    Workaround

    There is no known workaround at this time.

    Resolution

    All CUPS users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=net-print/cups-1.4.8-r1"

    NOTE: This is a legacy GLSA. Updates for all affected architectures are available since September 03, 2011. It is likely that your system is already no longer affected by this issue.

    References

    [ 1 ] CVE-2009-3553 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3553 [ 2 ] CVE-2010-0302 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0302 [ 3 ] CVE-2010-0393 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0393 [ 4 ] CVE-2010-0540 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0540 [ 5 ] CVE-2010-0542 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0542 [ 6 ] CVE-2010-1748 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1748 [ 7 ] CVE-2010-2431 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2431 [ 8 ] CVE-2010-2432 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2432 [ 9 ] CVE-2010-2941 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2941 [ 10 ] CVE-2011-3170 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3170

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201207-10.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "mac os x server",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.6.0"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.6.4"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.6.0"
          },
          {
            "_id": null,
            "model": "mac os x server",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.5.8"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.5.8"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "enterprise linux eus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "5.4"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.4.4"
          },
          {
            "_id": null,
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "9.10"
          },
          {
            "_id": null,
            "model": "fedora",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fedoraproject",
            "version": "11"
          },
          {
            "_id": null,
            "model": "mac os x server",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.6.4"
          },
          {
            "_id": null,
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "apple mac os x server",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30a2\u30c3\u30d7\u30eb",
            "version": null
          },
          {
            "_id": null,
            "model": "cups",
            "scope": null,
            "trust": 0.8,
            "vendor": "cups",
            "version": null
          },
          {
            "_id": null,
            "model": "red hat enterprise linux",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
            "version": null
          },
          {
            "_id": null,
            "model": "turbolinux appliance server",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30bf\u30fc\u30dc\u30ea\u30ca\u30c3\u30af\u30b9",
            "version": null
          },
          {
            "_id": null,
            "model": "apple mac os x",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30a2\u30c3\u30d7\u30eb",
            "version": null
          },
          {
            "_id": null,
            "model": "red hat enterprise linux eus",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
            "version": null
          },
          {
            "_id": null,
            "model": "rhel desktop workstation",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
            "version": "5 (client)"
          },
          {
            "_id": null,
            "model": "red hat enterprise linux desktop",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
            "version": null
          },
          {
            "_id": null,
            "model": "turbolinux client",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30bf\u30fc\u30dc\u30ea\u30ca\u30c3\u30af\u30b9",
            "version": null
          },
          {
            "_id": null,
            "model": "turbolinux server",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30bf\u30fc\u30dc\u30ea\u30ca\u30c3\u30af\u30b9",
            "version": null
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b5\u30a4\u30d0\u30fc\u30c8\u30e9\u30b9\u30c8\u682a\u5f0f\u4f1a\u793e",
            "version": null
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "1.4.1"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "1.3.7"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "1.3.10"
          },
          {
            "_id": null,
            "model": "cups",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "1.3.9"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.10"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.10"
          },
          {
            "_id": null,
            "model": "linux lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.10"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.10"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.10"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "linux lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "linux lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.10"
          },
          {
            "_id": null,
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "linux lts lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "linux enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "moblin",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "moblin",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.2"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop workstation client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2010.0"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2010.0"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.1"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.1"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.0"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.0"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.0"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.0"
          },
          {
            "_id": null,
            "model": "enterprise server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "5"
          },
          {
            "_id": null,
            "model": "enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "5"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.4.1"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.3.10"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.3.9"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.3.8"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.3.7"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.3.6"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.3.5"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.3.3"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.3.2"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.2.12"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.2.10"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.2.9"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.2.8"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.2.4"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "software products cups rc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.23"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.23"
          },
          {
            "_id": null,
            "model": "software products cups rc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.22"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.22"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.21"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.20"
          },
          {
            "_id": null,
            "model": "software products cups rc5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.19"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.19"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.18"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.17"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.16"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.15"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.14"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.13"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.12"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.10"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.7"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.6"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.4-5"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.4-3"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.4-2"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.4"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.1.1"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.0.4-8"
          },
          {
            "_id": null,
            "model": "software products cups",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "easy",
            "version": "1.0.4"
          },
          {
            "_id": null,
            "model": "iq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.3"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.2"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.8"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.7"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.6"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.3"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.8"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.7"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.6"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.4"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.4"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "38510"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201003-067"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001157"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-0302"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Red Hat",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201003-067"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2010-0302",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2010-0302",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "VHN-42907",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2010-0302",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2010-0302",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2010-0302",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2010-0302",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201003-067",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-42907",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-42907"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201003-067"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001157"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-0302"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denial of service (daemon crash or hang) via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3553. (DoS) There is a vulnerability that could result in a condition. This vulnerability is CVE-2009-3553 This vulnerability is due to an insufficient fix for .Interfering with service operation by a third party (DoS) It may be in a state. CUPS is prone to a denial-of-service vulnerability. \nNOTE: This issue is due to an incomplete fix for BID 37048 (CUPS File Descriptors Handling Remote Denial Of Service Vulnerability). \nA remote attacker can exploit this issue to crash the affected application, denying service to legitimate users. It is based on the Internet Printing Protocol and provides most PostScript and raster printer services. The way the cupsdDoSelect() function in the scheduler/select.c file of CUPS handles references in its file descriptor processing interface has a use-after-free error. A remote attacker can query the current print job list of a specific printer in a special way. Cause cupsd to crash. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory                       MDVSA-2010:073-1\n http://www.mandriva.com/security/\n _______________________________________________________________________\n\n Package : cups\n Date    : April 14, 2010\n Affected: 2010.0\n _______________________________________________________________________\n\n Problem Description:\n\n Multiple vulnerabilities has been found and corrected in cups:\n \n CUPS in does not properly handle (1) HTTP headers and (2) HTML\n templates, which allows remote attackers to conduct cross-site\n scripting (XSS) attacks and HTTP response splitting attacks via vectors\n related to (a) the product\u0027s web interface, (b) the configuration of\n the print system, and (c) the titles of printed jobs (CVE-2009-2820). \n \n The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS\n 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable\n to determine the file that provides localized message strings, which\n allows local users to gain privileges via a file that contains crafted\n localization data with format string specifiers (CVE-2010-0393). \n \n The updated packages have been patched to correct these issues. \n\n Update:\n\n Packages for Mandriva Linux 2010.0 was missing with\n MDVSA-2010:073. This advisory provides packages for 2010.0 as well. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2820\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3553\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0302\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0393\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2010.0:\n ba3d43f654fd15aea9f81eadb57c3022  2010.0/i586/cups-1.4.1-12.1mdv2010.0.i586.rpm\n b1f275796b029190380e40ae23ae8ed0  2010.0/i586/cups-common-1.4.1-12.1mdv2010.0.i586.rpm\n 296b30522aa7c008767c6b285aa4b715  2010.0/i586/cups-serial-1.4.1-12.1mdv2010.0.i586.rpm\n b3abb3c2299c1cb32848c0ee5954eed8  2010.0/i586/libcups2-1.4.1-12.1mdv2010.0.i586.rpm\n d91c255a1e42e5988f1d8d2d94ffd369  2010.0/i586/libcups2-devel-1.4.1-12.1mdv2010.0.i586.rpm\n ba336d918bbe9d03cf4fa823293bfb37  2010.0/i586/php-cups-1.4.1-12.1mdv2010.0.i586.rpm \n c3aee001d1629963053f475a49b7cd5d  2010.0/SRPMS/cups-1.4.1-12.1mdv2010.0.src.rpm\n\n Mandriva Linux 2010.0/X86_64:\n 7c089025f467e5b366e57a15e85857ce  2010.0/x86_64/cups-1.4.1-12.1mdv2010.0.x86_64.rpm\n 0e0e4ad3a4d42022d22a88ee8568f8bf  2010.0/x86_64/cups-common-1.4.1-12.1mdv2010.0.x86_64.rpm\n cb7b4cadce5a174bbd4027f478b38c26  2010.0/x86_64/cups-serial-1.4.1-12.1mdv2010.0.x86_64.rpm\n 653bd25375281b919c6438e71052359d  2010.0/x86_64/lib64cups2-1.4.1-12.1mdv2010.0.x86_64.rpm\n 7bebd27fa6ce2aa5667d28fd7b06702e  2010.0/x86_64/lib64cups2-devel-1.4.1-12.1mdv2010.0.x86_64.rpm\n 34452fc88d7a16591eb653a32c6daa28  2010.0/x86_64/php-cups-1.4.1-12.1mdv2010.0.x86_64.rpm \n c3aee001d1629963053f475a49b7cd5d  2010.0/SRPMS/cups-1.4.1-12.1mdv2010.0.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFLxclfmqjQ0CJFipgRAmhmAJ4qtZ7GxqbmNOSfJeozcsqRCBvAsACg2vG+\nNRt/ytxq5LWHwOAGFnOKnIw=\n=ayqT\n-----END PGP SIGNATURE-----\n. ===========================================================\nUbuntu Security Notice USN-906-1             March 03, 2010\ncups, cupsys vulnerabilities\nCVE-2009-3553, CVE-2010-0302, CVE-2010-0393\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 8.10\nUbuntu 9.04\nUbuntu 9.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n  cupsys                          1.2.2-0ubuntu0.6.06.17\n  cupsys-client                   1.2.2-0ubuntu0.6.06.17\n\nUbuntu 8.04 LTS:\n  cupsys                          1.3.7-1ubuntu3.8\n  cupsys-client                   1.3.7-1ubuntu3.8\n\nUbuntu 8.10:\n  cups                            1.3.9-2ubuntu9.5\n  cups-client                     1.3.9-2ubuntu9.5\n\nUbuntu 9.04:\n  cups                            1.3.9-17ubuntu3.6\n  cups-client                     1.3.9-17ubuntu3.6\n\nUbuntu 9.10:\n  cups                            1.4.1-5ubuntu2.4\n  cups-client                     1.4.1-5ubuntu2.4\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nIt was discovered that the CUPS scheduler did not properly handle certain\nnetwork operations. A local attacker could exploit this with a format-string\nvulnerability leading to a root privilege escalation. The default compiler\noptions for Ubuntu 8.10, 9.04 and 9.10 should reduce this vulnerability to\na denial of service. (CVE-2010-0393)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17.diff.gz\n      Size/MD5:   106482 26e1af0359723f0fe887019ea8973a7e\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17.dsc\n      Size/MD5:     1061 400968d3ecf83db01f0a427f10f2998e\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz\n      Size/MD5:  4070384 2c99b8aa4c8dc25c8a84f9c06aa52e3e\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.17_all.deb\n      Size/MD5:      998 776cbf76de0fa4da83fa66cac2a2ee9c\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.17_amd64.deb\n      Size/MD5:    36220 1a0b165edf4aaff4b063ef5ffb44aec3\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.17_amd64.deb\n      Size/MD5:    81834 6fc3613d660d8193ef5bc8820a7241d9\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17_amd64.deb\n      Size/MD5:  2289018 87d64d2f3a97289ad6b6db57d090ca2d\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.17_amd64.deb\n      Size/MD5:     6090 85aeada029ad3c01ff7f1e18f9ea9cc2\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.17_amd64.deb\n      Size/MD5:    77908 96e28918fdf830eb12336aadedf9f281\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.17_amd64.deb\n      Size/MD5:    25740 85b73ffa3c93b1cca0f9421fdaa01cc3\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.17_amd64.deb\n      Size/MD5:   130734 938995599b4be32a725528c80981fa78\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.17_i386.deb\n      Size/MD5:    34766 47d4bdcf450f6d8d30206c35192f1b7d\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.17_i386.deb\n      Size/MD5:    77930 e830a9300772160fb0a6748da948f246\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17_i386.deb\n      Size/MD5:  2256104 bcfa53bda3ed0c1e50636e804af11055\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.17_i386.deb\n      Size/MD5:     6094 34a470a2aaff3e3ab10eea29a1bd8200\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.17_i386.deb\n      Size/MD5:    77022 ab3b5c283d4ec643297685c034f1073c\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.17_i386.deb\n      Size/MD5:    25748 d5904841e833850731621090c1b88c8c\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.17_i386.deb\n      Size/MD5:   122908 eb39cde640458c67403c00cfd65ea312\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.17_powerpc.deb\n      Size/MD5:    40474 a47c9a5aad3feee3c9218d32e3f03f85\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.17_powerpc.deb\n      Size/MD5:    89482 81e3f9ad6e8fe3cb3096b133bfb4fb5b\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17_powerpc.deb\n      Size/MD5:  2303712 fffb516669489cf38ce5f410b58112af\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.17_powerpc.deb\n      Size/MD5:     6092 8c6d3af926e6729378b1ba23508e3c6b\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.17_powerpc.deb\n      Size/MD5:    79548 169e4c3351cf2ef0c99e478d8e2a3a46\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.17_powerpc.deb\n      Size/MD5:    25740 f0d21ba1ea537495d3953a22999d1dd4\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.17_powerpc.deb\n      Size/MD5:   128662 98b0c1483cc7021fff335da8d79c67c2\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.17_sparc.deb\n      Size/MD5:    35388 1128a347e119ca9525784ed50da5d0ab\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.17_sparc.deb\n      Size/MD5:    78684 596751675fee6063e59dab02e7b44543\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17_sparc.deb\n      Size/MD5:  2289934 9bd77e6533b77678840172bcf285c157\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.17_sparc.deb\n      Size/MD5:     6096 a11d49069913645b3a947d2dfa6f5f84\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.17_sparc.deb\n      Size/MD5:    76832 c1049c92d30205b8032648dfbd90299c\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.17_sparc.deb\n      Size/MD5:    25744 d2d1088e3744d305b6c90aca7eda4be0\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.17_sparc.deb\n      Size/MD5:   124486 60a22b1cccb08eaab9847b9e87c59032\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8.diff.gz\n      Size/MD5:   141577 5cb2a7055c83f2535e6704212c06ea0c\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8.dsc\n      Size/MD5:     1442 d42e1f9c2424210f66acfaeb4ecf293a\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7.orig.tar.gz\n      Size/MD5:  4700333 383e556d9841475847da6076c88da467\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.7-1ubuntu3.8_all.deb\n      Size/MD5:  1144392 72c2295be929ac91622921b866586810\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.8_amd64.deb\n      Size/MD5:    37522 606cf4d3db841e5c7699af8e6063d28a\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.8_amd64.deb\n      Size/MD5:    90020 5494f76c3c0aff50e61b0e7065d4fc45\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8_amd64.deb\n      Size/MD5:  1882420 fbf517a3c599b99d5ea8936c09f4a6d6\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.8_amd64.deb\n      Size/MD5:    60800 2b3dd2ab96e425ab134602608f0d3530\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.8_amd64.deb\n      Size/MD5:    50216 27fb4f492cc7bf62c01a275741d37011\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.8_amd64.deb\n      Size/MD5:   345048 0525be5bc4dd045cd78a1b284f98398a\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.8_amd64.deb\n      Size/MD5:   178536 a044522e561b9b3be73617a175cc399d\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.8_i386.deb\n      Size/MD5:    36956 0507d5e834e622f33412109dcb260037\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.8_i386.deb\n      Size/MD5:    88530 244e700f4596074b37c4b7acb984dacc\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8_i386.deb\n      Size/MD5:  1864902 b6f438dea33b89a9f268d732d670faf1\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.8_i386.deb\n      Size/MD5:    60090 e83c89c8fe55e2f2e79d424e4231f8a1\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.8_i386.deb\n      Size/MD5:    49862 97abed0edb9dfbd42e8ba975c424e6d8\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.8_i386.deb\n      Size/MD5:   339414 1e4250fd6c379296cfba76f67ab97465\n    http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.8_i386.deb\n      Size/MD5:   175410 efdf295f468c419fd957e69f98fd715a\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.8_lpia.deb\n      Size/MD5:    36660 58ce4787d4d5b43fdc762f21f06bb6bf\n    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.8_lpia.deb\n      Size/MD5:    88834 ea87ff5e386e37ddcd2a3678e85764e5\n    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8_lpia.deb\n      Size/MD5:  1867016 ba1534fcc9263b70868c4ed449529e25\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.8_lpia.deb\n      Size/MD5:    60492 e06a5a3660f9967ec6e0040a486d7362\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.8_lpia.deb\n      Size/MD5:    50808 ca0c034e3beff76b902c6471afbd7268\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.8_lpia.deb\n      Size/MD5:   337072 bfaa21b082ce3052922a179d522213d4\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.8_lpia.deb\n      Size/MD5:   174440 8e2dd41e1e07942ee0f53e05c608206a\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.8_powerpc.deb\n      Size/MD5:    46932 a5d83468e8e0269a483c914230768ea3\n    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.8_powerpc.deb\n      Size/MD5:   110654 ec3d80099ccbaeb3f0929644f45bbd75\n    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8_powerpc.deb\n      Size/MD5:  1951280 f475ae7f5ae8ad00bc1ebd7c4634c3ae\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.8_powerpc.deb\n      Size/MD5:    59922 cb7e8e802dfbe515260578f585ee4427\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.8_powerpc.deb\n      Size/MD5:    54924 234a155df73c7ef047ac3c5c8b2e132a\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.8_powerpc.deb\n      Size/MD5:   341760 1ada03ee442854916b34f267b1301407\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.8_powerpc.deb\n      Size/MD5:   184292 e080a077141436e9837682cf5c6e56e1\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.8_sparc.deb\n      Size/MD5:    38038 15aef403a65149edb1b6e3c87bbcf1e3\n    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.8_sparc.deb\n      Size/MD5:    91026 a4ade2e1d03f94b36122a5788f37cc97\n    http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8_sparc.deb\n      Size/MD5:  1899806 de0f0a1899697c7add1960031257c51e\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.8_sparc.deb\n      Size/MD5:    57822 c2af4acac6a11e98f72703a25b2ebdfc\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.8_sparc.deb\n      Size/MD5:    48224 cf486639b2c6b6247afe109eb73e30d7\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.8_sparc.deb\n      Size/MD5:   341494 8c21fd99687d9fd49fa97e6c4638338e\n    http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.8_sparc.deb\n      Size/MD5:   174130 9c878b37d2afd35ee0b50c077490112e\n\nUpdated packages for Ubuntu 8.10:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.5.diff.gz\n      Size/MD5:   331097 6adf07d4858d39e6047a97c0a312901e\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.5.dsc\n      Size/MD5:     2044 d77dce1f6e35cabbd18e84a7c7031b0d\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9.orig.tar.gz\n      Size/MD5:  4809771 e6f2d90491ed050e5ff2104b617b88ea\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.3.9-2ubuntu9.5_all.deb\n      Size/MD5:  1163190 5c0dee3c7fd7541494ff7dc348be8728\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-bsd_1.3.9-2ubuntu9.5_all.deb\n      Size/MD5:    58560 74c932189d98c843872876adc83c989e\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-client_1.3.9-2ubuntu9.5_all.deb\n      Size/MD5:    58568 0666bac83bfb1edcc37931ad25588204\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.3.9-2ubuntu9.5_all.deb\n      Size/MD5:    58562 f524010f0aea453b001b084250bb7063\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys_1.3.9-2ubuntu9.5_all.deb\n      Size/MD5:    58552 a55ec8b8772c680a7413afb1b069ee3e\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsys2-dev_1.3.9-2ubuntu9.5_all.deb\n      Size/MD5:    58574 420d72079939829054f9bb7978375ecd\n    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.3.9-2ubuntu9.5_all.deb\n      Size/MD5:     4536 660fc4e6b26c050504a674aec5e0b8cd\n    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/libcupsys2_1.3.9-2ubuntu9.5_all.deb\n      Size/MD5:    58560 919055c4a196d7cfa5e93a3e73de24f9\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.5_amd64.deb\n      Size/MD5:    37296 0640e7fff6aa2dbbc93a839f641e1da0\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.5_amd64.deb\n      Size/MD5:   119772 fc950280a6a56b99486a29868c65bf9a\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.5_amd64.deb\n      Size/MD5:  1688940 84c0da9c505411cd3cbee063687215fa\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.5_amd64.deb\n      Size/MD5:  2174144 1bff27592c202999f0fd2705eeb8282e\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.5_amd64.deb\n      Size/MD5:   352308 bcdc4e90a86a22e503cf20e492f57e0f\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.5_amd64.deb\n      Size/MD5:   173636 d477c60212f8098b6e92c2b5ec0b7ee2\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.5_amd64.deb\n      Size/MD5:    61320 35baa0391a49f0490f49a97d5c8d57d4\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.5_amd64.deb\n      Size/MD5:    52322 d0caa49b4da1ea3ce447d2fa161d7394\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.5_i386.deb\n      Size/MD5:    36226 1374ff5d461c4aafe2b57822f45c11c6\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.5_i386.deb\n      Size/MD5:   115316 0a8d0a452e3cd7d37eb72a9b4bacd8c8\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.5_i386.deb\n      Size/MD5:  1549000 468b48af21f437e2942d4b447d18d9ef\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.5_i386.deb\n      Size/MD5:  2141316 d117bac8e26451e37827a62749d39b4d\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.5_i386.deb\n      Size/MD5:   346096 26576542e0a94b17da8ddd971fbffa90\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.5_i386.deb\n      Size/MD5:   170556 7739c110695754553926fad31463187f\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.5_i386.deb\n      Size/MD5:    60538 5c5832067d06795cbab9e65a885ba240\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.5_i386.deb\n      Size/MD5:    51720 e7d90e5e4eac150dfd205ac17b686cc8\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.5_lpia.deb\n      Size/MD5:    36028 5bfdf3e87b3764eb20c0093fb1de1d3e\n    http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.5_lpia.deb\n      Size/MD5:   114504 a4f3e28e6eb86599111687a0f7235c45\n    http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.5_lpia.deb\n      Size/MD5:  1577892 6c0014be2e9e878679480239a494e917\n    http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.5_lpia.deb\n      Size/MD5:  2138164 0a4c78f2bda571599ecffc75dade8006\n    http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.5_lpia.deb\n      Size/MD5:   343092 df67f3a082314f41e14cdf97c35c4668\n    http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.5_lpia.deb\n      Size/MD5:   168874 dcdab1a3f91f1f2a91a20d01873545ba\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.5_lpia.deb\n      Size/MD5:    60626 27c5b3fec56fcb1d7215fd35dfa31ec1\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.5_lpia.deb\n      Size/MD5:    52394 5644013cd3dec455b6b6d88b4306d67d\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.5_powerpc.deb\n      Size/MD5:    43566 986c0bd78d2fc4fb5ae76598b24b1a41\n    http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.5_powerpc.deb\n      Size/MD5:   138118 cc8ece0b9d10792ead1b7902924a6a81\n    http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.5_powerpc.deb\n      Size/MD5:  1669132 eefc44a29391bb799adc54b6cb412cf3\n    http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.5_powerpc.deb\n      Size/MD5:  2266096 b798bac78d4f645b90683b3a7901ff4d\n    http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.5_powerpc.deb\n      Size/MD5:   348056 e9100409aabe02a51ea9fd6c315ab5b6\n    http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.5_powerpc.deb\n      Size/MD5:   177934 9d812213782055304cc92b4b3ca69894\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.5_powerpc.deb\n      Size/MD5:    61266 7287aa743d0135c2d16bf29acf9cf915\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.5_powerpc.deb\n      Size/MD5:    57452 b132aaccd9bcf40dc9ae38783f69c6a6\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.5_sparc.deb\n      Size/MD5:    37220 5399de66103270899259960bb9d61345\n    http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.5_sparc.deb\n      Size/MD5:   117550 80acdf6867e804b3aa00055737534b57\n    http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.5_sparc.deb\n      Size/MD5:  1496764 e434ccdce381acf459b8d387881057d9\n    http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.5_sparc.deb\n      Size/MD5:  2202892 bbe3b1587f55b0bd868ce5e6fd4a38e9\n    http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.5_sparc.deb\n      Size/MD5:   344914 8a6824c84362ffbf4f9846a65045354a\n    http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.5_sparc.deb\n      Size/MD5:   166792 2be506fc868b369e46cf9f9d5fe83e69\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.5_sparc.deb\n      Size/MD5:    57854 aef2dd0a14d3a8f01142d78e40ddcb67\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.5_sparc.deb\n      Size/MD5:    49804 8d12ec1a43df8c8c40f88082139d2785\n\nUpdated packages for Ubuntu 9.04:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.6.diff.gz\n      Size/MD5:   335789 4f5f61340c4875048c60d69f82dec645\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.6.dsc\n      Size/MD5:     1995 e338a99e7a2e02a57415885e285f3bb1\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9.orig.tar.gz\n      Size/MD5:  4809771 e6f2d90491ed050e5ff2104b617b88ea\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.3.9-17ubuntu3.6_all.deb\n      Size/MD5:  1165632 9b0854975cf994bd9233d6469e777e01\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.3.9-17ubuntu3.6_all.deb\n      Size/MD5:    60870 0e74155e761a4d852866bfdac0fb18fb\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsys2-dev_1.3.9-17ubuntu3.6_all.deb\n      Size/MD5:    60876 ad4e2582235225612d6c14e65dbcba3d\n    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-bsd_1.3.9-17ubuntu3.6_all.deb\n      Size/MD5:    60868 636f7492dabc042d1bc7e11864b38df1\n    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-client_1.3.9-17ubuntu3.6_all.deb\n      Size/MD5:    60872 47806c56c4700090e125496e23d8529c\n    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.3.9-17ubuntu3.6_all.deb\n      Size/MD5:     4516 0e4d49c326db4af8add9edd88b561ad9\n    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys_1.3.9-17ubuntu3.6_all.deb\n      Size/MD5:    60856 09bb0b47cf251fde476503402b0d0518\n    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/libcupsys2_1.3.9-17ubuntu3.6_all.deb\n      Size/MD5:    60866 02b07214f91997c6b4f5d017aff0655e\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.6_amd64.deb\n      Size/MD5:    37294 f14e9d6deb8a90dc55ba033dd6932f29\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.6_amd64.deb\n      Size/MD5:   119756 b6d1f12fdca56879c84d177280535945\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.6_amd64.deb\n      Size/MD5:  1664430 e0829de2955259a1169ca120f0a0a674\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.6_amd64.deb\n      Size/MD5:  2170170 47904ff162f68734105645d802262448\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.6_amd64.deb\n      Size/MD5:   352252 cff0030f199a0c96accc192e4168339c\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.6_amd64.deb\n      Size/MD5:   177900 da8f57dc1c56c823d459c12b98e64d2a\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.6_amd64.deb\n      Size/MD5:    61264 5deccf4e07529b9e4676a83a556cebde\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.6_amd64.deb\n      Size/MD5:    52226 306d5a5075974aa902c7e10066420efa\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.6_i386.deb\n      Size/MD5:    36230 5d95974ec58afa8d26b10d7b9c46a66b\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.6_i386.deb\n      Size/MD5:   115278 9011610cdad6d618456f508e3fe02107\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.6_i386.deb\n      Size/MD5:  1523946 660619a4cbb8df04bd81354ab6059f6c\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.6_i386.deb\n      Size/MD5:  2136486 7f7dea27d4901a02daf9497bd242e2d9\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.6_i386.deb\n      Size/MD5:   346068 67c31d2afa56164900bb916480386b79\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.6_i386.deb\n      Size/MD5:   174416 c84631d45fd35facbf136270470844d4\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.6_i386.deb\n      Size/MD5:    60498 31d407917c749a659835e23c99eef0bb\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.6_i386.deb\n      Size/MD5:    51542 5026ab999fb97ac800bd185af3a8cff1\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.6_lpia.deb\n      Size/MD5:    36022 952070683ed6130fbc8e5531e2142063\n    http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.6_lpia.deb\n      Size/MD5:   114500 977d5c00dc13327bc0c9bce453473388\n    http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.6_lpia.deb\n      Size/MD5:  1552094 4fecfb548b223615fc7ce88f8fb94264\n    http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.6_lpia.deb\n      Size/MD5:  2134028 8dad89838f050c4a375c01ab4b3b2559\n    http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.6_lpia.deb\n      Size/MD5:   343052 0139347ae444d4d9f0b9b1420ebfc04f\n    http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.6_lpia.deb\n      Size/MD5:   172714 406bb68cba379412650849ea003eb537\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.6_lpia.deb\n      Size/MD5:    60668 0a2993f0ac79fc4a91648991be1b0976\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.6_lpia.deb\n      Size/MD5:    52342 a501ebcafdf48300f5326632ce1b08b6\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.6_powerpc.deb\n      Size/MD5:    43574 ae6a41699272fc0b360ba6555fd4e7ef\n    http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.6_powerpc.deb\n      Size/MD5:   138086 95d5d1551240a86de61f4472f8433d01\n    http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.6_powerpc.deb\n      Size/MD5:  1640174 24942cd5b3e82cb8f700880ace4cb40b\n    http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.6_powerpc.deb\n      Size/MD5:  2257684 78ff8dc9f337c46ade897f22092939af\n    http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.6_powerpc.deb\n      Size/MD5:   347984 9663f15cddd48aaa7d389ce1244aebc1\n    http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.6_powerpc.deb\n      Size/MD5:   183308 1d188a3ea31eaba68b620b8fece8fcd8\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.6_powerpc.deb\n      Size/MD5:    61306 56306bfa507550c07d02b820380e19c3\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.6_powerpc.deb\n      Size/MD5:    57406 be85c41fd62fcaf3a28107a1614146d4\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.6_sparc.deb\n      Size/MD5:    37218 adeb034eaeadb51fd3723f382cab7b7c\n    http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.6_sparc.deb\n      Size/MD5:   117506 7a8039312accd4ce6be1596403616744\n    http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.6_sparc.deb\n      Size/MD5:  1468404 c3f80af2a2fc00c590562ea19e6fe9f2\n    http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.6_sparc.deb\n      Size/MD5:  2203876 b75a1f2918317d00cc1540014c42e8d0\n    http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.6_sparc.deb\n      Size/MD5:   344838 5976a1b94be50118b6ddcdc4b40de073\n    http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.6_sparc.deb\n      Size/MD5:   170236 262941bf660cc95765b72cf5aa13e14d\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.6_sparc.deb\n      Size/MD5:    57860 36426cde9ee4e2e2dc813ba4d0e98f19\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.6_sparc.deb\n      Size/MD5:    49702 590f4b45bf412b2f59d9ad4ea395754c\n\nUpdated packages for Ubuntu 9.10:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.4.diff.gz\n      Size/MD5:   414730 d1a0c764ccf1fedd4c3427c45d19a9ca\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.4.dsc\n      Size/MD5:     2273 4a8ceed09060814e0cf5070412e06aae\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1.orig.tar.gz\n      Size/MD5:  5287327 4dc8f431ef50752dfd61d9d4959abd06\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.4.1-5ubuntu2.4_all.deb\n      Size/MD5:  1419910 5ccad7198ba64c4d2e487109d38baf6c\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.4.1-5ubuntu2.4_all.deb\n      Size/MD5:    69572 33961e905c819b2d67c641fa0226596f\n    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsddk_1.4.1-5ubuntu2.4_all.deb\n      Size/MD5:    69534 04b34f17b2f23a24254d74d266121b10\n    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-bsd_1.4.1-5ubuntu2.4_all.deb\n      Size/MD5:    69562 f624d2fcb8549771cd920148ba2ace45\n    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-client_1.4.1-5ubuntu2.4_all.deb\n      Size/MD5:    69574 e0b8e717d5bd0740c7af047debb050f7\n    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.4.1-5ubuntu2.4_all.deb\n      Size/MD5:     4548 45c04ec4b5ef40e7b5a05b97cfff0821\n    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys_1.4.1-5ubuntu2.4_all.deb\n      Size/MD5:    69554 10ac2f07563d4eb693e27195b7778935\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.4_amd64.deb\n      Size/MD5:    36708 60bcfe9509bf6c460a24b32f3dc22f3a\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.4_amd64.deb\n      Size/MD5:   120258 31f336e66b77fdb68624eee6c3f6aa86\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.4_amd64.deb\n      Size/MD5:    89636 f2300503230b0418b939bbf0acbddd50\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.4_amd64.deb\n      Size/MD5:  1909456 70052df26d278ec8fbcb89e92801f59c\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.4_amd64.deb\n      Size/MD5:   210406 50cf5e47fc69aa59dafcc51fd1ba7aca\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.4_amd64.deb\n      Size/MD5:   218936 7f04aa35b965955b0c12566d18dd27bc\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.4_amd64.deb\n      Size/MD5:   101856 80b6e20deaa9ec8006b6233daea025c4\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.4_amd64.deb\n      Size/MD5:    31586 cac166753bfc5dad29293f69669402fe\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.4_amd64.deb\n      Size/MD5:    90190 bdf93f96a315ba2313eb0bc86a24fa2b\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.4_amd64.deb\n      Size/MD5:    22192 be5b0eba29c355d76aa86db66b328b8c\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.4_amd64.deb\n      Size/MD5:    61528 bcfe65ac2cd9cfab070635f5ede4482b\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.4_amd64.deb\n      Size/MD5:    53160 a3cff812c204698c97027c47a2a8032d\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.4_amd64.deb\n      Size/MD5:    81196 7fdf8a14125aed96ba11cfad2df8450b\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.4_amd64.deb\n      Size/MD5:    15492 406aa3da43f5949e6d062bf117a8656c\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.4_amd64.deb\n      Size/MD5:   143032 c29bf3ee9e457b0096ada17948d85afb\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.4_amd64.deb\n      Size/MD5:    60098 1cd00de7321f747b33a82c06bec69625\n    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.4_amd64.deb\n      Size/MD5:    34526 8a2d07f4f318a7fb578aef25a1fa106b\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.4_i386.deb\n      Size/MD5:    35470 59752d8fe6b0ab6b4be4bc9553dd67fe\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.4_i386.deb\n      Size/MD5:   115326 24a5ebd4c6b0c9932ec34481bdfc27fd\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.4_i386.deb\n      Size/MD5:    88804 71f3cbd750cb6283dc29cdea5e7b8dd3\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.4_i386.deb\n      Size/MD5:  1867476 93037d1769ff83d77a6da5ed93e82058\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.4_i386.deb\n      Size/MD5:   199428 dc33c5038d26a0b76f1b694598c004a0\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.4_i386.deb\n      Size/MD5:   213030 031bc59c14807b8d6c7347c2a3ba2e8c\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.4_i386.deb\n      Size/MD5:   101048 e751022124d2496ac051280b70e75d88\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.4_i386.deb\n      Size/MD5:    31376 133412f956a2808d74ae62bc73ca6c48\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.4_i386.deb\n      Size/MD5:    90402 4c375adba3718768e98346d10ecfc2ed\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.4_i386.deb\n      Size/MD5:    22060 6969c7f346d155095980d127763e205a\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.4_i386.deb\n      Size/MD5:    60314 6d620c4a4380d7e65c2dcf147c7df896\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.4_i386.deb\n      Size/MD5:    52412 6641e47022e889de1525eaf5c5305eca\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.4_i386.deb\n      Size/MD5:    81106 7e3b8f7ddec3a8a5b8377b0234270268\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.4_i386.deb\n      Size/MD5:    15206 fd9858648c9df78fae4a974955c0e475\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.4_i386.deb\n      Size/MD5:   141568 1db2ce91ffedfa1bbde68b2756cfe389\n    http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.4_i386.deb\n      Size/MD5:    61438 1299d9de795e485872507e21e42b20e5\n    http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.4_i386.deb\n      Size/MD5:    32824 a7d8171d0f2888bb97f59387b5953db2\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.4_lpia.deb\n      Size/MD5:    35442 dd26d3e196a3bc1880331dc3821cdbab\n    http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.4_lpia.deb\n      Size/MD5:   115178 76977be3cbcb0d5f4a22ada4071188e4\n    http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.4_lpia.deb\n      Size/MD5:    88774 6516931d5dce31c51b80f107a6c78f29\n    http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.4_lpia.deb\n      Size/MD5:  1865004 e482b421a57cc75b18d979de2e82fb7a\n    http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.4_lpia.deb\n      Size/MD5:   196772 061c86b147f9fdb980e7d40d8e84dabd\n    http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.4_lpia.deb\n      Size/MD5:   211440 13a330ef0e77a7f20f0e803140148905\n    http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.4_lpia.deb\n      Size/MD5:   100448 17f556fffdb82e83559268361e0eb53f\n    http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.4_lpia.deb\n      Size/MD5:    31206 27d0d62e0c989545ed7455f832eb2b25\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.4_lpia.deb\n      Size/MD5:    89820 86176d7a6557617ff30aa83bcc875196\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.4_lpia.deb\n      Size/MD5:    21778 e04668e8936e1d32e7e33414e570fcee\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.4_lpia.deb\n      Size/MD5:    59950 9569de467d24173a0c35b838fea647fc\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.4_lpia.deb\n      Size/MD5:    52576 582213e9cde03104f3c1795d06984197\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.4_lpia.deb\n      Size/MD5:    81056 c1a6cca183116319ed1a095806cf1c8c\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.4_lpia.deb\n      Size/MD5:    15304 21d41f59b097afbd27a12f7c9e877b32\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.4_lpia.deb\n      Size/MD5:   141898 15553deba7c1e9c98136330e97b59119\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.4_lpia.deb\n      Size/MD5:    62662 ecc362e334c91a0530c356b17e6a2641\n    http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.4_lpia.deb\n      Size/MD5:    33264 325a9170ecf6cd1dc9f955be9bbc1d24\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.4_powerpc.deb\n      Size/MD5:    37006 3acbe062b83fdc269964eef5675a89c5\n    http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.4_powerpc.deb\n      Size/MD5:   121650 74995951c11f700b551f6c8ce2badb23\n    http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.4_powerpc.deb\n      Size/MD5:    89384 8f0ce2467cda194e493e87369aab765d\n    http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.4_powerpc.deb\n      Size/MD5:  1930866 ef1a8fd29f47f928b81c785730ce89d9\n    http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.4_powerpc.deb\n      Size/MD5:   203588 decd7de1cafe69b61d713988fe55af37\n    http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.4_powerpc.deb\n      Size/MD5:   223504 f60c1ea0858fd39961852c870c7fce49\n    http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.4_powerpc.deb\n      Size/MD5:   101020 c0ad517da1a8bc09ccf97903a3ded8c9\n    http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.4_powerpc.deb\n      Size/MD5:    33348 2424426af873cd4207b8226ebb8490c5\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.4_powerpc.deb\n      Size/MD5:    89594 9e6125fb851403ef7e80f09840eaa89a\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.4_powerpc.deb\n      Size/MD5:    22324 a4b8cbb7319e42721479d3092ef23f16\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.4_powerpc.deb\n      Size/MD5:    60618 01ffa1358e2fb0c5dd307cd8d135c14f\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.4_powerpc.deb\n      Size/MD5:    55376 fa276276aa683c19b9fc10bf65372347\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.4_powerpc.deb\n      Size/MD5:    81558 c9060c3ec4eca6ae2ce532f44298e556\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.4_powerpc.deb\n      Size/MD5:    15790 c857b043bf0bb4ff3dfc0db38de89f99\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.4_powerpc.deb\n      Size/MD5:   141118 92099a9250e369378fe8287e556b21a7\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.4_powerpc.deb\n      Size/MD5:    64954 b7da8579507c4db05cc78df34d289f76\n    http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.4_powerpc.deb\n      Size/MD5:    34790 964c7ecb9faa3a0b1a115a2a06a66e75\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.4_sparc.deb\n      Size/MD5:    36068 7ab9b44191ad5078c5f63a521744ca23\n    http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.4_sparc.deb\n      Size/MD5:   117816 2be453254c5f80dc1c353acc62a3c443\n    http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.4_sparc.deb\n      Size/MD5:    89232 09f73b5d95d3248b5ecc0393036ddbff\n    http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.4_sparc.deb\n      Size/MD5:  1954238 7f4762af124ba5e650569b6fa2fbb5c7\n    http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.4_sparc.deb\n      Size/MD5:   201516 730d6a0e1428a7165e01a565cc810d8a\n    http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.4_sparc.deb\n      Size/MD5:   210594 4f16bfe7a76a1c9cb137401290c4f5c1\n    http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.4_sparc.deb\n      Size/MD5:   102698 fe023955fc4e93236d2ff46b685bc32b\n    http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.4_sparc.deb\n      Size/MD5:    31560 4be671eb7500d06a1f949df0d92086e7\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.4_sparc.deb\n      Size/MD5:    89804 3e5dbcf536bc2be0435561b4997c796e\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.4_sparc.deb\n      Size/MD5:    21380 fce9fff2a5bc990ae97cd67569805789\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.4_sparc.deb\n      Size/MD5:    58150 e5a43b39220105101c69480fa63075f5\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.4_sparc.deb\n      Size/MD5:    50290 1cf2e270243b8f0a6cc56405a8c5bd94\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.4_sparc.deb\n      Size/MD5:    80330 fd1073834591fd282edc82e516d7e533\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.4_sparc.deb\n      Size/MD5:    14380 e00615f5e33b445f214fd1205b1948cb\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.4_sparc.deb\n      Size/MD5:   144322 85692c2dcfd49bb0c0e0aad28ccb670c\n    http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.4_sparc.deb\n      Size/MD5:    61450 c809cd1adf184af7e35e60fa9c9c55e3\n    http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.4_sparc.deb\n      Size/MD5:    33858 2bddab9378a2a4e3938ce6ed39dc807e\n\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201207-10\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n    Title: CUPS: Multiple vulnerabilities\n     Date: July 09, 2012\n     Bugs: #295256, #308045, #325551, #380771\n       ID: 201207-10\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in CUPS, some of which may\nallow execution of arbitrary code or local privilege escalation. \n\nBackground\n==========\n\nCUPS, the Common Unix Printing System, is a full-featured print server. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  net-print/cups              \u003c 1.4.8-r1               \u003e= 1.4.8-r1\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in CUPS. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attacker may be able to execute arbitrary code using specially\ncrafted streams, IPP requests or files, or cause a Denial of Service\n(daemon crash or hang). A local attacker may be able to gain escalated\nprivileges or overwrite arbitrary files. Furthermore, a remote attacker\nmay be able to obtain sensitive information from the CUPS process or\nhijack a CUPS administrator authentication request. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll CUPS users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-print/cups-1.4.8-r1\"\n\nNOTE: This is a legacy GLSA. Updates for all affected architectures are\navailable since September 03, 2011. It is likely that your system is\nalready no longer affected by this issue. \n\nReferences\n==========\n\n[  1 ] CVE-2009-3553\n       http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3553\n[  2 ] CVE-2010-0302\n       http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0302\n[  3 ] CVE-2010-0393\n       http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0393\n[  4 ] CVE-2010-0540\n       http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0540\n[  5 ] CVE-2010-0542\n       http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0542\n[  6 ] CVE-2010-1748\n       http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1748\n[  7 ] CVE-2010-2431\n       http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2431\n[  8 ] CVE-2010-2432\n       http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2432\n[  9 ] CVE-2010-2941\n       http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2941\n[ 10 ] CVE-2011-3170\n       http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3170\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201207-10.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-0302"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001157"
          },
          {
            "db": "BID",
            "id": "38510"
          },
          {
            "db": "VULHUB",
            "id": "VHN-42907"
          },
          {
            "db": "PACKETSTORM",
            "id": "88415"
          },
          {
            "db": "PACKETSTORM",
            "id": "88416"
          },
          {
            "db": "PACKETSTORM",
            "id": "86869"
          },
          {
            "db": "PACKETSTORM",
            "id": "114577"
          }
        ],
        "trust": 2.34
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2010-0302",
            "trust": 4.0
          },
          {
            "db": "BID",
            "id": "38510",
            "trust": 2.8
          },
          {
            "db": "SECUNIA",
            "id": "38785",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "40220",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "38927",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "38979",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1024124",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2010-1481",
            "trust": 1.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001157",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201003-067",
            "trust": 0.7
          },
          {
            "db": "NSFOCUS",
            "id": "14572",
            "trust": 0.6
          },
          {
            "db": "REDHAT",
            "id": "RHSA-2010:0129",
            "trust": 0.6
          },
          {
            "db": "UBUNTU",
            "id": "USN-906-1",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-42907",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "88415",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "88416",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "86869",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "114577",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-42907"
          },
          {
            "db": "BID",
            "id": "38510"
          },
          {
            "db": "PACKETSTORM",
            "id": "88415"
          },
          {
            "db": "PACKETSTORM",
            "id": "88416"
          },
          {
            "db": "PACKETSTORM",
            "id": "86869"
          },
          {
            "db": "PACKETSTORM",
            "id": "114577"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201003-067"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001157"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-0302"
          }
        ]
      },
      "id": "VAR-201003-1075",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-42907"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T23:06:19.741000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "RHSA-2010",
            "trust": 0.8,
            "url": "http://www.cups.org/"
          },
          {
            "title": "Security Update 2010-004 (Leopard-Client)",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3703"
          },
          {
            "title": "Mac OS X Server v10.6.4 Update",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3707"
          },
          {
            "title": "Security Update 2010-004 (Leopard-Server)",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3702"
          },
          {
            "title": "Mac OS X v10.6.4 Update Mac mini (Mid 2010)",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3706"
          },
          {
            "title": "Mac OS X v10.6.4 Update (Combo)",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3705"
          },
          {
            "title": "Mac OS X Server v10.6.4 Update Mac mini (Mid 2010)",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3709"
          },
          {
            "title": "Mac OS X v10.6.4 Update",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3704"
          },
          {
            "title": "Mac OS X Server v10.6.4 Update (Combo)",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3708"
          },
          {
            "title": "cups-1.4.4-source.tar",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=231"
          },
          {
            "title": "cups-1.4.4-source.tar",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=230"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201003-067"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001157"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-416",
            "trust": 1.0
          },
          {
            "problemtype": "Use of freed memory (CWE-416) [NVD evaluation ]",
            "trust": 0.8
          },
          {
            "problemtype": "CWE-399",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-42907"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001157"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-0302"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.5,
            "url": "http://www.securityfocus.com/bid/38510"
          },
          {
            "trust": 1.7,
            "url": "https://rhn.redhat.com/errata/rhsa-2010-0129.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.ubuntu.com/usn/usn-906-1"
          },
          {
            "trust": 1.7,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=557775"
          },
          {
            "trust": 1.2,
            "url": "http://security.gentoo.org/glsa/glsa-201207-10.xml"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1024124"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/38785"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/38927"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/38979"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/40220"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2010/1481"
          },
          {
            "trust": 1.1,
            "url": "http://lists.apple.com/archives/security-announce/2010//jun/msg00001.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-march/037174.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:073"
          },
          {
            "trust": 1.1,
            "url": "http://cups.org/articles.php?l596"
          },
          {
            "trust": 1.1,
            "url": "http://cups.org/str.php?l3490"
          },
          {
            "trust": 1.1,
            "url": "http://support.apple.com/kb/ht4188"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11216"
          },
          {
            "trust": 0.9,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0302"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/14572"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3553"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0302"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0393"
          },
          {
            "trust": 0.3,
            "url": "http://www.cups.org"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/css/p8/documents/100082147"
          },
          {
            "trust": 0.2,
            "url": "http://www.mandriva.com/security/"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0302"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3553"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2820"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2820"
          },
          {
            "trust": 0.2,
            "url": "http://www.mandriva.com/security/advisories"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0393"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/libcupsys2_1.3.9-17ubuntu3.6_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.6_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-client_1.4.1-5ubuntu2.4_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.17_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.4.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.17_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.8_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-bsd_1.4.1-5ubuntu2.4_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.8_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.8_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.17_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.17_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1_1.4.1-5ubuntu2.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-client_1.3.9-2ubuntu9.5_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.6_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.17_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.17_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.8_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.8_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.8_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.17_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.6.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.6_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.17_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.8_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-2ubuntu9.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.3.9-2ubuntu9.5_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.6_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.17_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsddk_1.4.1-5ubuntu2.4_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.8_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.8_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-common_1.3.7-1ubuntu3.8_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.8_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.8_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.8_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.8_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsys2-dev_1.3.9-17ubuntu3.6_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.8_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.3.9-2ubuntu9.5_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/c/cups/cups-ppdc_1.4.1-5ubuntu2.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-gnutls10_1.2.2-0ubuntu0.6.06.17_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.3.9-17ubuntu3.6_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.8_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.8_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys_1.4.1-5ubuntu2.4_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.3.9-17ubuntu3.6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.8_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.8_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.4.1-5ubuntu2.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.3.9-2ubuntu9.5_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsys2-dev_1.3.9-2ubuntu9.5_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.8_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.17_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.8_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys_1.3.9-17ubuntu3.6_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups_1.4.1-5ubuntu2.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.8_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsdriver1-dev_1.4.1-5ubuntu2.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.17_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.17_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.8_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-2ubuntu9.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.17_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-client_1.3.9-17ubuntu3.6_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.17_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.17_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.4.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.17_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.8_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.6_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.3.7-1ubuntu3.8_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.17_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.8_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2_1.3.7-1ubuntu3.8_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-2ubuntu9.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.17_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-2ubuntu9.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2_1.2.2-0ubuntu0.6.06.17_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2-dev_1.2.2-0ubuntu0.6.06.17_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.3.7-1ubuntu3.8_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.4.1-5ubuntu2.4_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-bsd_1.3.9-17ubuntu3.6_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.4.1-5ubuntu2.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-bsd_1.3.9-2ubuntu9.5_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.6_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2_1.3.7-1ubuntu3.8_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.3.9-17ubuntu3.6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.3.9-2ubuntu9.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.3.9-17ubuntu3.6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsmime1-dev_1.4.1-5ubuntu2.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys-dbg_1.3.9-17ubuntu3.6_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.2.2-0ubuntu0.6.06.17_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1-5ubuntu2.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/libcupsys2_1.3.9-2ubuntu9.5_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.4.1.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.4.1-5ubuntu2.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2-dev_1.4.1-5ubuntu2.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsmime1_1.4.1-5ubuntu2.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups_1.3.9-17ubuntu3.6_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2-dev_1.3.9-2ubuntu9.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.5.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.3.9-17ubuntu3.6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsys2-dev_1.2.2-0ubuntu0.6.06.17_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-bsd_1.2.2-0ubuntu0.6.06.17_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cupsys_1.3.9-2ubuntu9.5_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1_1.4.1-5ubuntu2.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.5_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-2ubuntu9.5.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsimage2-dev_1.3.7-1ubuntu3.8_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-17ubuntu3.6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1-dev_1.4.1-5ubuntu2.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupscgi1-dev_1.4.1-5ubuntu2.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cupsys/libcupsys2-dev_1.3.7-1ubuntu3.8_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys_1.2.2-0ubuntu0.6.06.17_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/cupsys-client_1.3.7-1ubuntu3.8_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-dbg_1.3.9-2ubuntu9.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcupsimage2_1.3.9-2ubuntu9.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.3.9-17ubuntu3.6_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cupsys/libcupsimage2_1.2.2-0ubuntu0.6.06.17_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-common_1.4.1-5ubuntu2.4_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsppdc1_1.4.1-5ubuntu2.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcups2_1.3.9-17ubuntu3.6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/libcups2_1.4.1-5ubuntu2.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/libcupsimage2_1.3.9-17ubuntu3.6_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups-bsd_1.4.1-5ubuntu2.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/c/cups/cups-client_1.4.1-5ubuntu2.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/c/cups/cupsys-common_1.4.1-5ubuntu2.4_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/c/cups/cups_1.3.9-17ubuntu3.6.dsc"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1748"
          },
          {
            "trust": 0.1,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0540"
          },
          {
            "trust": 0.1,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3553"
          },
          {
            "trust": 0.1,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0542"
          },
          {
            "trust": 0.1,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1748"
          },
          {
            "trust": 0.1,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2431"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3170"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2431"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2432"
          },
          {
            "trust": 0.1,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0393"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2941"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0540"
          },
          {
            "trust": 0.1,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2941"
          },
          {
            "trust": 0.1,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3170"
          },
          {
            "trust": 0.1,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2432"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0542"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-42907"
          },
          {
            "db": "BID",
            "id": "38510"
          },
          {
            "db": "PACKETSTORM",
            "id": "88415"
          },
          {
            "db": "PACKETSTORM",
            "id": "88416"
          },
          {
            "db": "PACKETSTORM",
            "id": "86869"
          },
          {
            "db": "PACKETSTORM",
            "id": "114577"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201003-067"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001157"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-0302"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-42907",
            "ident": null
          },
          {
            "db": "BID",
            "id": "38510",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "88415",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "88416",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "86869",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "114577",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201003-067",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001157",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2010-0302",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2010-03-05T00:00:00",
            "db": "VULHUB",
            "id": "VHN-42907",
            "ident": null
          },
          {
            "date": "2010-03-03T00:00:00",
            "db": "BID",
            "id": "38510",
            "ident": null
          },
          {
            "date": "2010-04-15T23:53:52",
            "db": "PACKETSTORM",
            "id": "88415",
            "ident": null
          },
          {
            "date": "2010-04-15T23:54:31",
            "db": "PACKETSTORM",
            "id": "88416",
            "ident": null
          },
          {
            "date": "2010-03-03T21:12:43",
            "db": "PACKETSTORM",
            "id": "86869",
            "ident": null
          },
          {
            "date": "2012-07-10T13:46:02",
            "db": "PACKETSTORM",
            "id": "114577",
            "ident": null
          },
          {
            "date": "2010-03-05T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201003-067",
            "ident": null
          },
          {
            "date": "2010-03-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-001157",
            "ident": null
          },
          {
            "date": "2010-03-05T19:30:00.437000",
            "db": "NVD",
            "id": "CVE-2010-0302",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2017-09-19T00:00:00",
            "db": "VULHUB",
            "id": "VHN-42907",
            "ident": null
          },
          {
            "date": "2015-04-16T18:13:00",
            "db": "BID",
            "id": "38510",
            "ident": null
          },
          {
            "date": "2010-03-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201003-067",
            "ident": null
          },
          {
            "date": "2024-02-28T03:07:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-001157",
            "ident": null
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2010-0302",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201003-067"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "CUPS\u00a0 of \u00a0cupsd\u00a0 Service operation interruption in \u00a0(DoS)\u00a0 Vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001157"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "resource management error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201003-067"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201506-0464

    Vulnerability from variot - Updated: 2026-04-10 22:57

    Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive. PHP is prone to a buffer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in denial-of-service conditions. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by the PHP Group and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. The following versions are affected: PHP prior to 5.4.40, 5.5.x prior to 5.5.24, and 5.6.x prior to 5.6.8. ========================================================================== Ubuntu Security Notice USN-2572-1 April 20, 2015

    php5 vulnerabilities

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 14.10
    • Ubuntu 14.04 LTS
    • Ubuntu 12.04 LTS
    • Ubuntu 10.04 LTS

    Summary:

    Several security issues were fixed in PHP. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-2348)

    It was discovered that PHP incorrectly handled unserializing PHAR files. (CVE-2015-2787)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 14.10: libapache2-mod-php5 5.5.12+dfsg-2ubuntu4.4 php5-cgi 5.5.12+dfsg-2ubuntu4.4 php5-cli 5.5.12+dfsg-2ubuntu4.4 php5-fpm 5.5.12+dfsg-2ubuntu4.4

    Ubuntu 14.04 LTS: libapache2-mod-php5 5.5.9+dfsg-1ubuntu4.9 php5-cgi 5.5.9+dfsg-1ubuntu4.9 php5-cli 5.5.9+dfsg-1ubuntu4.9 php5-fpm 5.5.9+dfsg-1ubuntu4.9

    Ubuntu 12.04 LTS: libapache2-mod-php5 5.3.10-1ubuntu3.18 php5-cgi 5.3.10-1ubuntu3.18 php5-cli 5.3.10-1ubuntu3.18 php5-fpm 5.3.10-1ubuntu3.18

    Ubuntu 10.04 LTS: libapache2-mod-php5 5.3.2-1ubuntu4.30 php5-cgi 5.3.2-1ubuntu4.30 php5-cli 5.3.2-1ubuntu4.30

    In general, a standard system update will make all the necessary changes. 6) - i386, x86_64

    1. (CVE-2014-9709)

    A double free flaw was found in zend_ts_hash_graceful_destroy() function in the PHP ZTS module. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Important: php security and bug fix update Advisory ID: RHSA-2015:1135-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1135.html Issue date: 2015-06-23 CVE Names: CVE-2014-8142 CVE-2014-9652 CVE-2014-9705 CVE-2014-9709 CVE-2015-0231 CVE-2015-0232 CVE-2015-0273 CVE-2015-2301 CVE-2015-2348 CVE-2015-2783 CVE-2015-2787 CVE-2015-3307 CVE-2015-3329 CVE-2015-3330 CVE-2015-3411 CVE-2015-3412 CVE-2015-4021 CVE-2015-4022 CVE-2015-4024 CVE-2015-4025 CVE-2015-4026 CVE-2015-4147 CVE-2015-4148 CVE-2015-4598 CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 CVE-2015-4602 CVE-2015-4603 CVE-2015-4604 CVE-2015-4605 =====================================================================

    1. Summary:

    Updated php packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7.

    Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

    1. Description:

    PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.

    A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code. (CVE-2015-3330)

    A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. (CVE-2015-4024)

    An uninitialized pointer use flaw was found in PHP's Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_read_data() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. (CVE-2015-0232)

    An integer overflow flaw leading to a heap-based buffer overflow was found in the way PHP's FTP extension parsed file listing FTP server responses. A malicious FTP server could use this flaw to cause a PHP application to crash or, possibly, execute arbitrary code. (CVE-2015-4022)

    Multiple flaws were discovered in the way PHP performed object unserialization. (CVE-2014-8142, CVE-2015-0231, CVE-2015-0273, CVE-2015-2787, CVE-2015-4147, CVE-2015-4148, CVE-2015-4599, CVE-2015-4600, CVE-2015-4601, CVE-2015-4602, CVE-2015-4603)

    It was found that certain PHP functions did not properly handle file names containing a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions. (CVE-2015-2348, CVE-2015-4025, CVE-2015-4026, CVE-2015-3411, CVE-2015-3412, CVE-2015-4598)

    Multiple flaws were found in the way the way PHP's Phar extension parsed Phar archives. (CVE-2015-2301, CVE-2015-2783, CVE-2015-3307, CVE-2015-3329, CVE-2015-4021)

    Multiple flaws were found in PHP's File Information (fileinfo) extension. A remote attacker could cause a PHP application to crash if it used fileinfo to identify type of attacker supplied files. (CVE-2014-9652, CVE-2015-4604, CVE-2015-4605)

    A heap buffer overflow flaw was found in the enchant_broker_request_dict() function of PHP's enchant extension. An attacker able to make a PHP application enchant dictionaries could possibly cause it to crash. (CVE-2014-9705)

    A buffer over-read flaw was found in the GD library used by the PHP gd extension. A specially crafted GIF file could cause a PHP application using the imagecreatefromgif() function to crash. (CVE-2014-9709)

    This update also fixes the following bugs:

    • The libgmp library in some cases terminated unexpectedly with a segmentation fault when being used with other libraries that use the GMP memory management. With this update, PHP no longer changes libgmp memory allocators, which prevents the described crash from occurring. (BZ#1212305)

    • When using the Open Database Connectivity (ODBC) API, the PHP process in some cases terminated unexpectedly with a segmentation fault. The underlying code has been adjusted to prevent this crash. (BZ#1212299)

    • Previously, running PHP on a big-endian system sometimes led to memory corruption in the fileinfo module. This update adjusts the behavior of the PHP pointer so that it can be freed without causing memory corruption. (BZ#1212298)

    All php users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.

    1. Solution:

    Before applying this update, make sure all previously released errata relevant to your system have been applied.

    For details on how to apply this update, refer to:

    https://access.redhat.com/articles/11258

    1. Bugs fixed (https://bugzilla.redhat.com/):

    1175718 - CVE-2014-8142 php: use after free vulnerability in unserialize() 1185397 - CVE-2015-0231 php: use after free vulnerability in unserialize() (incomplete fix of CVE-2014-8142) 1185472 - CVE-2015-0232 php: Free called on unitialized pointer in exif.c 1188599 - CVE-2014-9652 file: out of bounds read in mconvert() 1188639 - CVE-2014-9709 gd: buffer read overflow in gd_gif_in.c 1194730 - CVE-2015-0273 php: use after free vulnerability in unserialize() with DateTimeZone 1194737 - CVE-2014-9705 php: heap buffer overflow in enchant_broker_request_dict() 1194747 - CVE-2015-2301 php: use after free in phar_object.c 1204868 - CVE-2015-4147 php: SoapClient's __call() type confusion through unserialize() 1207676 - CVE-2015-2787 php: use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re 1207682 - CVE-2015-2348 php: move_uploaded_file() NUL byte injection in file name 1213394 - CVE-2015-3330 php: pipelined request executed in deinitialized interpreter under httpd 2.4 1213407 - CVE-2015-3411 php: missing null byte checks for paths in various PHP extensions 1213442 - CVE-2015-4604 CVE-2015-4605 php: denial of service when processing a crafted file with Fileinfo 1213446 - CVE-2015-2783 php: buffer over-read in Phar metadata parsing 1213449 - CVE-2015-3329 php: buffer overflow in phar_set_inode() 1222485 - CVE-2015-4024 php: multipart/form-data request paring CPU usage DoS 1222538 - CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 php: type confusion issue in unserialize() with various SOAP methods 1223408 - CVE-2015-4025 php: CVE-2006-7243 regressions in 5.4+ 1223412 - CVE-2015-4022 php: integer overflow leading to heap overflow when reading FTP file listing 1223422 - CVE-2015-4026 php: pcntl_exec() accepts paths with NUL character 1223425 - CVE-2015-4021 php: memory corruption in phar_parse_tarfile caused by empty entry file name 1223441 - CVE-2015-3307 php: invalid pointer free() in phar_tar_process_metadata() 1226916 - CVE-2015-4148 php: SoapClient's do_soap_call() type confusion after unserialize() 1232823 - CVE-2015-3412 php: missing null byte checks for paths in various PHP extensions 1232897 - CVE-2015-4598 php: missing null byte checks for paths in DOM and GD extensions 1232918 - CVE-2015-4603 php: exception::getTraceAsString type confusion issue after unserialize 1232923 - CVE-2015-4602 php: Incomplete Class unserialization type confusion

    1. Package List:

    Red Hat Enterprise Linux Client Optional (v. 7):

    Source: php-5.4.16-36.el7_1.src.rpm

    x86_64: php-5.4.16-36.el7_1.x86_64.rpm php-bcmath-5.4.16-36.el7_1.x86_64.rpm php-cli-5.4.16-36.el7_1.x86_64.rpm php-common-5.4.16-36.el7_1.x86_64.rpm php-dba-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-devel-5.4.16-36.el7_1.x86_64.rpm php-embedded-5.4.16-36.el7_1.x86_64.rpm php-enchant-5.4.16-36.el7_1.x86_64.rpm php-fpm-5.4.16-36.el7_1.x86_64.rpm php-gd-5.4.16-36.el7_1.x86_64.rpm php-intl-5.4.16-36.el7_1.x86_64.rpm php-ldap-5.4.16-36.el7_1.x86_64.rpm php-mbstring-5.4.16-36.el7_1.x86_64.rpm php-mysql-5.4.16-36.el7_1.x86_64.rpm php-mysqlnd-5.4.16-36.el7_1.x86_64.rpm php-odbc-5.4.16-36.el7_1.x86_64.rpm php-pdo-5.4.16-36.el7_1.x86_64.rpm php-pgsql-5.4.16-36.el7_1.x86_64.rpm php-process-5.4.16-36.el7_1.x86_64.rpm php-pspell-5.4.16-36.el7_1.x86_64.rpm php-recode-5.4.16-36.el7_1.x86_64.rpm php-snmp-5.4.16-36.el7_1.x86_64.rpm php-soap-5.4.16-36.el7_1.x86_64.rpm php-xml-5.4.16-36.el7_1.x86_64.rpm php-xmlrpc-5.4.16-36.el7_1.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode Optional (v. 7):

    Source: php-5.4.16-36.el7_1.src.rpm

    x86_64: php-5.4.16-36.el7_1.x86_64.rpm php-bcmath-5.4.16-36.el7_1.x86_64.rpm php-cli-5.4.16-36.el7_1.x86_64.rpm php-common-5.4.16-36.el7_1.x86_64.rpm php-dba-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-devel-5.4.16-36.el7_1.x86_64.rpm php-embedded-5.4.16-36.el7_1.x86_64.rpm php-enchant-5.4.16-36.el7_1.x86_64.rpm php-fpm-5.4.16-36.el7_1.x86_64.rpm php-gd-5.4.16-36.el7_1.x86_64.rpm php-intl-5.4.16-36.el7_1.x86_64.rpm php-ldap-5.4.16-36.el7_1.x86_64.rpm php-mbstring-5.4.16-36.el7_1.x86_64.rpm php-mysql-5.4.16-36.el7_1.x86_64.rpm php-mysqlnd-5.4.16-36.el7_1.x86_64.rpm php-odbc-5.4.16-36.el7_1.x86_64.rpm php-pdo-5.4.16-36.el7_1.x86_64.rpm php-pgsql-5.4.16-36.el7_1.x86_64.rpm php-process-5.4.16-36.el7_1.x86_64.rpm php-pspell-5.4.16-36.el7_1.x86_64.rpm php-recode-5.4.16-36.el7_1.x86_64.rpm php-snmp-5.4.16-36.el7_1.x86_64.rpm php-soap-5.4.16-36.el7_1.x86_64.rpm php-xml-5.4.16-36.el7_1.x86_64.rpm php-xmlrpc-5.4.16-36.el7_1.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 7):

    Source: php-5.4.16-36.el7_1.src.rpm

    ppc64: php-5.4.16-36.el7_1.ppc64.rpm php-cli-5.4.16-36.el7_1.ppc64.rpm php-common-5.4.16-36.el7_1.ppc64.rpm php-debuginfo-5.4.16-36.el7_1.ppc64.rpm php-gd-5.4.16-36.el7_1.ppc64.rpm php-ldap-5.4.16-36.el7_1.ppc64.rpm php-mysql-5.4.16-36.el7_1.ppc64.rpm php-odbc-5.4.16-36.el7_1.ppc64.rpm php-pdo-5.4.16-36.el7_1.ppc64.rpm php-pgsql-5.4.16-36.el7_1.ppc64.rpm php-process-5.4.16-36.el7_1.ppc64.rpm php-recode-5.4.16-36.el7_1.ppc64.rpm php-soap-5.4.16-36.el7_1.ppc64.rpm php-xml-5.4.16-36.el7_1.ppc64.rpm php-xmlrpc-5.4.16-36.el7_1.ppc64.rpm

    s390x: php-5.4.16-36.el7_1.s390x.rpm php-cli-5.4.16-36.el7_1.s390x.rpm php-common-5.4.16-36.el7_1.s390x.rpm php-debuginfo-5.4.16-36.el7_1.s390x.rpm php-gd-5.4.16-36.el7_1.s390x.rpm php-ldap-5.4.16-36.el7_1.s390x.rpm php-mysql-5.4.16-36.el7_1.s390x.rpm php-odbc-5.4.16-36.el7_1.s390x.rpm php-pdo-5.4.16-36.el7_1.s390x.rpm php-pgsql-5.4.16-36.el7_1.s390x.rpm php-process-5.4.16-36.el7_1.s390x.rpm php-recode-5.4.16-36.el7_1.s390x.rpm php-soap-5.4.16-36.el7_1.s390x.rpm php-xml-5.4.16-36.el7_1.s390x.rpm php-xmlrpc-5.4.16-36.el7_1.s390x.rpm

    x86_64: php-5.4.16-36.el7_1.x86_64.rpm php-cli-5.4.16-36.el7_1.x86_64.rpm php-common-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-gd-5.4.16-36.el7_1.x86_64.rpm php-ldap-5.4.16-36.el7_1.x86_64.rpm php-mysql-5.4.16-36.el7_1.x86_64.rpm php-odbc-5.4.16-36.el7_1.x86_64.rpm php-pdo-5.4.16-36.el7_1.x86_64.rpm php-pgsql-5.4.16-36.el7_1.x86_64.rpm php-process-5.4.16-36.el7_1.x86_64.rpm php-recode-5.4.16-36.el7_1.x86_64.rpm php-soap-5.4.16-36.el7_1.x86_64.rpm php-xml-5.4.16-36.el7_1.x86_64.rpm php-xmlrpc-5.4.16-36.el7_1.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 7):

    Source: php-5.4.16-36.ael7b_1.src.rpm

    ppc64le: php-5.4.16-36.ael7b_1.ppc64le.rpm php-cli-5.4.16-36.ael7b_1.ppc64le.rpm php-common-5.4.16-36.ael7b_1.ppc64le.rpm php-debuginfo-5.4.16-36.ael7b_1.ppc64le.rpm php-gd-5.4.16-36.ael7b_1.ppc64le.rpm php-ldap-5.4.16-36.ael7b_1.ppc64le.rpm php-mysql-5.4.16-36.ael7b_1.ppc64le.rpm php-odbc-5.4.16-36.ael7b_1.ppc64le.rpm php-pdo-5.4.16-36.ael7b_1.ppc64le.rpm php-pgsql-5.4.16-36.ael7b_1.ppc64le.rpm php-process-5.4.16-36.ael7b_1.ppc64le.rpm php-recode-5.4.16-36.ael7b_1.ppc64le.rpm php-soap-5.4.16-36.ael7b_1.ppc64le.rpm php-xml-5.4.16-36.ael7b_1.ppc64le.rpm php-xmlrpc-5.4.16-36.ael7b_1.ppc64le.rpm

    Red Hat Enterprise Linux Server Optional (v. 7):

    ppc64: php-bcmath-5.4.16-36.el7_1.ppc64.rpm php-dba-5.4.16-36.el7_1.ppc64.rpm php-debuginfo-5.4.16-36.el7_1.ppc64.rpm php-devel-5.4.16-36.el7_1.ppc64.rpm php-embedded-5.4.16-36.el7_1.ppc64.rpm php-enchant-5.4.16-36.el7_1.ppc64.rpm php-fpm-5.4.16-36.el7_1.ppc64.rpm php-intl-5.4.16-36.el7_1.ppc64.rpm php-mbstring-5.4.16-36.el7_1.ppc64.rpm php-mysqlnd-5.4.16-36.el7_1.ppc64.rpm php-pspell-5.4.16-36.el7_1.ppc64.rpm php-snmp-5.4.16-36.el7_1.ppc64.rpm

    s390x: php-bcmath-5.4.16-36.el7_1.s390x.rpm php-dba-5.4.16-36.el7_1.s390x.rpm php-debuginfo-5.4.16-36.el7_1.s390x.rpm php-devel-5.4.16-36.el7_1.s390x.rpm php-embedded-5.4.16-36.el7_1.s390x.rpm php-enchant-5.4.16-36.el7_1.s390x.rpm php-fpm-5.4.16-36.el7_1.s390x.rpm php-intl-5.4.16-36.el7_1.s390x.rpm php-mbstring-5.4.16-36.el7_1.s390x.rpm php-mysqlnd-5.4.16-36.el7_1.s390x.rpm php-pspell-5.4.16-36.el7_1.s390x.rpm php-snmp-5.4.16-36.el7_1.s390x.rpm

    x86_64: php-bcmath-5.4.16-36.el7_1.x86_64.rpm php-dba-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-devel-5.4.16-36.el7_1.x86_64.rpm php-embedded-5.4.16-36.el7_1.x86_64.rpm php-enchant-5.4.16-36.el7_1.x86_64.rpm php-fpm-5.4.16-36.el7_1.x86_64.rpm php-intl-5.4.16-36.el7_1.x86_64.rpm php-mbstring-5.4.16-36.el7_1.x86_64.rpm php-mysqlnd-5.4.16-36.el7_1.x86_64.rpm php-pspell-5.4.16-36.el7_1.x86_64.rpm php-snmp-5.4.16-36.el7_1.x86_64.rpm

    Red Hat Enterprise Linux Server Optional (v. 7):

    ppc64le: php-bcmath-5.4.16-36.ael7b_1.ppc64le.rpm php-dba-5.4.16-36.ael7b_1.ppc64le.rpm php-debuginfo-5.4.16-36.ael7b_1.ppc64le.rpm php-devel-5.4.16-36.ael7b_1.ppc64le.rpm php-embedded-5.4.16-36.ael7b_1.ppc64le.rpm php-enchant-5.4.16-36.ael7b_1.ppc64le.rpm php-fpm-5.4.16-36.ael7b_1.ppc64le.rpm php-intl-5.4.16-36.ael7b_1.ppc64le.rpm php-mbstring-5.4.16-36.ael7b_1.ppc64le.rpm php-mysqlnd-5.4.16-36.ael7b_1.ppc64le.rpm php-pspell-5.4.16-36.ael7b_1.ppc64le.rpm php-snmp-5.4.16-36.ael7b_1.ppc64le.rpm

    Red Hat Enterprise Linux Workstation (v. 7):

    Source: php-5.4.16-36.el7_1.src.rpm

    x86_64: php-5.4.16-36.el7_1.x86_64.rpm php-cli-5.4.16-36.el7_1.x86_64.rpm php-common-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-gd-5.4.16-36.el7_1.x86_64.rpm php-ldap-5.4.16-36.el7_1.x86_64.rpm php-mysql-5.4.16-36.el7_1.x86_64.rpm php-odbc-5.4.16-36.el7_1.x86_64.rpm php-pdo-5.4.16-36.el7_1.x86_64.rpm php-pgsql-5.4.16-36.el7_1.x86_64.rpm php-process-5.4.16-36.el7_1.x86_64.rpm php-recode-5.4.16-36.el7_1.x86_64.rpm php-soap-5.4.16-36.el7_1.x86_64.rpm php-xml-5.4.16-36.el7_1.x86_64.rpm php-xmlrpc-5.4.16-36.el7_1.x86_64.rpm

    Red Hat Enterprise Linux Workstation Optional (v. 7):

    x86_64: php-bcmath-5.4.16-36.el7_1.x86_64.rpm php-dba-5.4.16-36.el7_1.x86_64.rpm php-debuginfo-5.4.16-36.el7_1.x86_64.rpm php-devel-5.4.16-36.el7_1.x86_64.rpm php-embedded-5.4.16-36.el7_1.x86_64.rpm php-enchant-5.4.16-36.el7_1.x86_64.rpm php-fpm-5.4.16-36.el7_1.x86_64.rpm php-intl-5.4.16-36.el7_1.x86_64.rpm php-mbstring-5.4.16-36.el7_1.x86_64.rpm php-mysqlnd-5.4.16-36.el7_1.x86_64.rpm php-pspell-5.4.16-36.el7_1.x86_64.rpm php-snmp-5.4.16-36.el7_1.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. References:

    https://access.redhat.com/security/cve/CVE-2014-8142 https://access.redhat.com/security/cve/CVE-2014-9652 https://access.redhat.com/security/cve/CVE-2014-9705 https://access.redhat.com/security/cve/CVE-2014-9709 https://access.redhat.com/security/cve/CVE-2015-0231 https://access.redhat.com/security/cve/CVE-2015-0232 https://access.redhat.com/security/cve/CVE-2015-0273 https://access.redhat.com/security/cve/CVE-2015-2301 https://access.redhat.com/security/cve/CVE-2015-2348 https://access.redhat.com/security/cve/CVE-2015-2783 https://access.redhat.com/security/cve/CVE-2015-2787 https://access.redhat.com/security/cve/CVE-2015-3307 https://access.redhat.com/security/cve/CVE-2015-3329 https://access.redhat.com/security/cve/CVE-2015-3330 https://access.redhat.com/security/cve/CVE-2015-3411 https://access.redhat.com/security/cve/CVE-2015-3412 https://access.redhat.com/security/cve/CVE-2015-4021 https://access.redhat.com/security/cve/CVE-2015-4022 https://access.redhat.com/security/cve/CVE-2015-4024 https://access.redhat.com/security/cve/CVE-2015-4025 https://access.redhat.com/security/cve/CVE-2015-4026 https://access.redhat.com/security/cve/CVE-2015-4147 https://access.redhat.com/security/cve/CVE-2015-4148 https://access.redhat.com/security/cve/CVE-2015-4598 https://access.redhat.com/security/cve/CVE-2015-4599 https://access.redhat.com/security/cve/CVE-2015-4600 https://access.redhat.com/security/cve/CVE-2015-4601 https://access.redhat.com/security/cve/CVE-2015-4602 https://access.redhat.com/security/cve/CVE-2015-4603 https://access.redhat.com/security/cve/CVE-2015-4604 https://access.redhat.com/security/cve/CVE-2015-4605 https://access.redhat.com/security/updates/classification/#important

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

    iD8DBQFViR1aXlSAg2UNWIIRAuxPAJ42GLQVzvzc9kje0VjDv8NZWcPv6QCbBL+O dtqycPWs+07GhjmZ6NNx5Bg= =FREZ -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201606-10


                                           https://security.gentoo.org/
    

    Severity: Normal Title: PHP: Multiple vulnerabilities Date: June 19, 2016 Bugs: #537586, #541098, #544186, #544330, #546872, #549538, #552408, #555576, #555830, #556952, #559612, #562882, #571254, #573892, #577376 ID: 201606-10


    Synopsis

    Multiple vulnerabilities have been found in PHP, the worst of which could lead to arbitrary code execution, or cause a Denial of Service condition.

    Background

    PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. Please review the CVE identifiers referenced below for details.

    Workaround

    There is no known workaround at this time.

    Resolution

    All PHP 5.4 users should upgrade to the latest 5.5 stable branch, as PHP 5.4 is now masked in Portage:

    # emerge --sync # emerge --ask --oneshot --verbose ">=dev=lang/php-5.5.33"

    All PHP 5.5 users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=dev=lang/php-5.5.33"

    All PHP 5.6 users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=dev=lang/php-5.6.19"

    References

    [ 1 ] CVE-2013-6501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6501 [ 2 ] CVE-2014-9705 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9705 [ 3 ] CVE-2014-9709 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9709 [ 4 ] CVE-2015-0231 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0231 [ 5 ] CVE-2015-0273 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0273 [ 6 ] CVE-2015-1351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1351 [ 7 ] CVE-2015-1352 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1352 [ 8 ] CVE-2015-2301 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2301 [ 9 ] CVE-2015-2348 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2348 [ 10 ] CVE-2015-2783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2783 [ 11 ] CVE-2015-2787 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2787 [ 12 ] CVE-2015-3329 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3329 [ 13 ] CVE-2015-3330 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3330 [ 14 ] CVE-2015-4021 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4021 [ 15 ] CVE-2015-4022 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4022 [ 16 ] CVE-2015-4025 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4025 [ 17 ] CVE-2015-4026 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4026 [ 18 ] CVE-2015-4147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4147 [ 19 ] CVE-2015-4148 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4148 [ 20 ] CVE-2015-4642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4642 [ 21 ] CVE-2015-4643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4643 [ 22 ] CVE-2015-4644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4644 [ 23 ] CVE-2015-6831 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6831 [ 24 ] CVE-2015-6832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6832 [ 25 ] CVE-2015-6833 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6833 [ 26 ] CVE-2015-6834 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6834 [ 27 ] CVE-2015-6835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6835 [ 28 ] CVE-2015-6836 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6836 [ 29 ] CVE-2015-6837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6837 [ 30 ] CVE-2015-6838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6838 [ 31 ] CVE-2015-7803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7803 [ 32 ] CVE-2015-7804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7804

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    https://security.gentoo.org/glsa/201606-10

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    .

    Buffer Overflow when parsing tar/zip/phar in phar_set_inode (CVE-2015-3329).

    Potential remote code execution with apache 2.4 apache2handler (CVE-2015-3330).

    Additionally the timezonedb packages has been upgraded to the latest version and the PECL packages which requires so has been rebuilt for php-5.5.24.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2783 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3329 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3330 http://advisories.mageia.org/MGASA-2015-0169.html


    Updated Packages:

    Mandriva Business Server 1/X86_64: fb5b4628263a821fb3e4075a5fb4e5b4 mbs1/x86_64/apache-mod_php-5.5.24-1.mbs1.x86_64.rpm 3c7f76ada5ccad65c212ee350fdffe87 mbs1/x86_64/lib64php5_common5-5.5.24-1.mbs1.x86_64.rpm 5400e21c3eaecc346e1eb8c712e9478f mbs1/x86_64/php-apc-3.1.15-1.18.mbs1.x86_64.rpm 90ae23234441a8de169207ff7f045684 mbs1/x86_64/php-apc-admin-3.1.15-1.18.mbs1.x86_64.rpm a39b53bcacc941035d830ce1052540b3 mbs1/x86_64/php-bcmath-5.5.24-1.mbs1.x86_64.rpm ada97c19882cf313e4d7ebba0909f6d8 mbs1/x86_64/php-bz2-5.5.24-1.mbs1.x86_64.rpm c6e5c880827c6bc76dfb1c15460637b4 mbs1/x86_64/php-calendar-5.5.24-1.mbs1.x86_64.rpm 6535a7223184cec5ac17edb9e1d31388 mbs1/x86_64/php-cgi-5.5.24-1.mbs1.x86_64.rpm 16aa52d7dd47cc27cb5d7aec420944eb mbs1/x86_64/php-cli-5.5.24-1.mbs1.x86_64.rpm 7983f9d1bf3039b5efdb0ed70329cccd mbs1/x86_64/php-ctype-5.5.24-1.mbs1.x86_64.rpm 3cbc805a1610b54d191e2e3ca99c3ae4 mbs1/x86_64/php-curl-5.5.24-1.mbs1.x86_64.rpm f53dd6f08013c00ae1c95df14671624e mbs1/x86_64/php-dba-5.5.24-1.mbs1.x86_64.rpm e2a5d632a8581e27a366191c9fd86424 mbs1/x86_64/php-devel-5.5.24-1.mbs1.x86_64.rpm 37bb13541a04b935c93600dc63e98047 mbs1/x86_64/php-doc-5.5.24-1.mbs1.noarch.rpm fad46645f9afb86eedf094cbe82eaebe mbs1/x86_64/php-dom-5.5.24-1.mbs1.x86_64.rpm 22141396e7bccb2aac8a2e7c0d0f02aa mbs1/x86_64/php-enchant-5.5.24-1.mbs1.x86_64.rpm e3f7bc72aad9e3fb7b9f25f64d9ca95c mbs1/x86_64/php-exif-5.5.24-1.mbs1.x86_64.rpm 53a76b203f90a9008eb35cdf93aac246 mbs1/x86_64/php-fileinfo-5.5.24-1.mbs1.x86_64.rpm 7cb8c9592f48413f3783f49947563a8f mbs1/x86_64/php-filter-5.5.24-1.mbs1.x86_64.rpm 3d34478d09bbf6848c8c2eaea0156feb mbs1/x86_64/php-fpm-5.5.24-1.mbs1.x86_64.rpm fc47e9e9b740e94e5210854b7872af8f mbs1/x86_64/php-ftp-5.5.24-1.mbs1.x86_64.rpm e22e5cf59f7d0c361b41e220fd0ebbde mbs1/x86_64/php-gd-5.5.24-1.mbs1.x86_64.rpm cd5fef5777b58e0562ddeb3ca4b4e1dd mbs1/x86_64/php-gettext-5.5.24-1.mbs1.x86_64.rpm aba136588f2c77f2cca4bcc300e7f0b5 mbs1/x86_64/php-gmp-5.5.24-1.mbs1.x86_64.rpm 8752b1e4f863b2cdadf08cfdcaf462f7 mbs1/x86_64/php-hash-5.5.24-1.mbs1.x86_64.rpm 36bef8c7e03cdffd66a4553266e1a13d mbs1/x86_64/php-iconv-5.5.24-1.mbs1.x86_64.rpm 0b405f5f49d174745a4135e033fbe234 mbs1/x86_64/php-imap-5.5.24-1.mbs1.x86_64.rpm fc25a10fb623016b5e95595aa114274a mbs1/x86_64/php-ini-5.5.24-1.mbs1.x86_64.rpm c4435a44b199cd4fadca0cac247aca06 mbs1/x86_64/php-intl-5.5.24-1.mbs1.x86_64.rpm ec611fd14d6b502990fe0a3ab243211a mbs1/x86_64/php-json-5.5.24-1.mbs1.x86_64.rpm 519c8ae2df9aeca23d15953470c3a485 mbs1/x86_64/php-ldap-5.5.24-1.mbs1.x86_64.rpm f52168266f3d1df5a333f2acb83c7739 mbs1/x86_64/php-mbstring-5.5.24-1.mbs1.x86_64.rpm 8fed199f0b2be5b2d1780bed11c5c5d6 mbs1/x86_64/php-mcrypt-5.5.24-1.mbs1.x86_64.rpm e5d5276bcfaa7d951b4b543e76949a2f mbs1/x86_64/php-mssql-5.5.24-1.mbs1.x86_64.rpm 0a34a8334cd8a3e4d7867a962df62f15 mbs1/x86_64/php-mysql-5.5.24-1.mbs1.x86_64.rpm 3fd0dcc4cb8c4ef136c68e243788aa85 mbs1/x86_64/php-mysqli-5.5.24-1.mbs1.x86_64.rpm d9db3dd5963888f69b11cdaa1d1c97e4 mbs1/x86_64/php-mysqlnd-5.5.24-1.mbs1.x86_64.rpm f27cbd0c9f968bfa7d6f10d8040a1f4f mbs1/x86_64/php-odbc-5.5.24-1.mbs1.x86_64.rpm db18ba83bd3e8f82f189c4e93799de9a mbs1/x86_64/php-opcache-5.5.24-1.mbs1.x86_64.rpm 7e02eaad2751f993fcd7af5a649b4707 mbs1/x86_64/php-openssl-5.5.24-1.mbs1.x86_64.rpm be43bdb8b4c0ea65901bb7ab4a12e1be mbs1/x86_64/php-pcntl-5.5.24-1.mbs1.x86_64.rpm 57ba222e0921de0efcad052a1ed359cc mbs1/x86_64/php-pdo-5.5.24-1.mbs1.x86_64.rpm 3ba50d22dead03f756136363e1e2ce27 mbs1/x86_64/php-pdo_dblib-5.5.24-1.mbs1.x86_64.rpm fe6858486fc7a42f7099f103fec8e0c9 mbs1/x86_64/php-pdo_mysql-5.5.24-1.mbs1.x86_64.rpm 407570e83b281be3515970aa6e24a773 mbs1/x86_64/php-pdo_odbc-5.5.24-1.mbs1.x86_64.rpm e5c66883133694a146b0f4840749a7d7 mbs1/x86_64/php-pdo_pgsql-5.5.24-1.mbs1.x86_64.rpm d41508abccb63d3b0c0d44a82596f1d6 mbs1/x86_64/php-pdo_sqlite-5.5.24-1.mbs1.x86_64.rpm 3f7dd514cca5b5259854043194099c4c mbs1/x86_64/php-pgsql-5.5.24-1.mbs1.x86_64.rpm 1b6b8a0d2e033b35697757a49329d51e mbs1/x86_64/php-phar-5.5.24-1.mbs1.x86_64.rpm 30e86f3079cd49241d680f46542b16b8 mbs1/x86_64/php-posix-5.5.24-1.mbs1.x86_64.rpm b065951f2e32008908857708ae2f1539 mbs1/x86_64/php-readline-5.5.24-1.mbs1.x86_64.rpm 13886e31952529313c505acbc7ebbbc6 mbs1/x86_64/php-recode-5.5.24-1.mbs1.x86_64.rpm 95ca2a29237d6f3e6f852431626be072 mbs1/x86_64/php-session-5.5.24-1.mbs1.x86_64.rpm f5f33541bc2a3b3f0b456989e20aa45c mbs1/x86_64/php-shmop-5.5.24-1.mbs1.x86_64.rpm c5414a148aa0e25b03b9faf79c50693a mbs1/x86_64/php-snmp-5.5.24-1.mbs1.x86_64.rpm d02afd660db7544b09328445c2f99ec6 mbs1/x86_64/php-soap-5.5.24-1.mbs1.x86_64.rpm 239a1c675cf3a4f853cc94cfc188e60e mbs1/x86_64/php-sockets-5.5.24-1.mbs1.x86_64.rpm 04e689ed1f9163a149f3448cfe4bd218 mbs1/x86_64/php-sqlite3-5.5.24-1.mbs1.x86_64.rpm a39905d2eae282b1d06db94afbf51255 mbs1/x86_64/php-sybase_ct-5.5.24-1.mbs1.x86_64.rpm a7fd332d4fea37c9f3335a0d8921f228 mbs1/x86_64/php-sysvmsg-5.5.24-1.mbs1.x86_64.rpm b9fdd882caee7f469d3c285082e8f717 mbs1/x86_64/php-sysvsem-5.5.24-1.mbs1.x86_64.rpm 79ede61a89fae9e6fab33f1a99b3ded7 mbs1/x86_64/php-sysvshm-5.5.24-1.mbs1.x86_64.rpm 5f0b1072e400ccc886979e7647c160f2 mbs1/x86_64/php-tidy-5.5.24-1.mbs1.x86_64.rpm 1df6d933d3f5c14bb334b8e49df50901 mbs1/x86_64/php-timezonedb-2015.4-1.mbs1.x86_64.rpm e03d364e8d94dc5e509f89ad06b1ceec mbs1/x86_64/php-tokenizer-5.5.24-1.mbs1.x86_64.rpm 4eb33980b578bc3f7c8436993e401a6b mbs1/x86_64/php-wddx-5.5.24-1.mbs1.x86_64.rpm cfb0b798a98736cebe6d2854610e5c88 mbs1/x86_64/php-xml-5.5.24-1.mbs1.x86_64.rpm 2d05b6ecae1866827a732b19bdea2682 mbs1/x86_64/php-xmlreader-5.5.24-1.mbs1.x86_64.rpm bab20d281d211f8202d881723f0091f1 mbs1/x86_64/php-xmlrpc-5.5.24-1.mbs1.x86_64.rpm d213f4b86b0532049556a37958d12570 mbs1/x86_64/php-xmlwriter-5.5.24-1.mbs1.x86_64.rpm a43e88b8cb0cf9a46d63f318d63853c7 mbs1/x86_64/php-xsl-5.5.24-1.mbs1.x86_64.rpm 3150b97e91d4363c5b79b6e67cf4febe mbs1/x86_64/php-zip-5.5.24-1.mbs1.x86_64.rpm 962d3621008091b8186481e521296d29 mbs1/x86_64/php-zlib-5.5.24-1.mbs1.x86_64.rpm 52139e1dbd986bf5b685ee0f92e67da2 mbs1/SRPMS/php-5.5.24-1.mbs1.src.rpm 854f5600d70006910d80643b638289d4 mbs1/SRPMS/php-apc-3.1.15-1.18.mbs1.src.rpm 77e0fad280231397615e51f099b33f1c mbs1/SRPMS/php-timezonedb-2015.4-1.mbs1.src.rpm

    Mandriva Business Server 2/X86_64: 2a2dcd3f73583e81c1d4ca142814ed6a mbs2/x86_64/apache-mod_php-5.5.24-1.mbs2.x86_64.rpm a7964f16c85b0772835366fa821f7dd1 mbs2/x86_64/lib64php5_common5-5.5.24-1.mbs2.x86_64.rpm 624d6512573e4ccc202f9ea08433727e mbs2/x86_64/php-bcmath-5.5.24-1.mbs2.x86_64.rpm dd817015c54820a9fc967da7db4b1461 mbs2/x86_64/php-bz2-5.5.24-1.mbs2.x86_64.rpm 1c022b50d3f12d3e8e358fca3afe6f0f mbs2/x86_64/php-calendar-5.5.24-1.mbs2.x86_64.rpm 52159b3e747e424b1fe40944f404b45d mbs2/x86_64/php-cgi-5.5.24-1.mbs2.x86_64.rpm 5ac82cf4acc95e8d8a80537173a1dc98 mbs2/x86_64/php-cli-5.5.24-1.mbs2.x86_64.rpm e7271551aa14e6931b0ba22ee33d3712 mbs2/x86_64/php-ctype-5.5.24-1.mbs2.x86_64.rpm 7293fa4917183914c356cc2376a5e1ab mbs2/x86_64/php-curl-5.5.24-1.mbs2.x86_64.rpm 258058f8e1cda5be8a9444964a553691 mbs2/x86_64/php-dba-5.5.24-1.mbs2.x86_64.rpm c0a6fa757e9ffda700f65a93442564d4 mbs2/x86_64/php-devel-5.5.24-1.mbs2.x86_64.rpm c06bc210915a004b2b9fcd084f853e20 mbs2/x86_64/php-doc-5.5.24-1.mbs2.noarch.rpm 049a5952ec9f5af423d4ecc78ff80f60 mbs2/x86_64/php-dom-5.5.24-1.mbs2.x86_64.rpm c09f88b638281bb87aea12ef38455f36 mbs2/x86_64/php-enchant-5.5.24-1.mbs2.x86_64.rpm 54d1dc9b189dfb87de442ba2c765deef mbs2/x86_64/php-exif-5.5.24-1.mbs2.x86_64.rpm ee6d0aa018912da413a14365a41cc1a2 mbs2/x86_64/php-fileinfo-5.5.24-1.mbs2.x86_64.rpm 0f216dc10bb650bdf29c01d9905ca4f2 mbs2/x86_64/php-filter-5.5.24-1.mbs2.x86_64.rpm 4bf7b3c69724d769e10f8341c95d6004 mbs2/x86_64/php-fpm-5.5.24-1.mbs2.x86_64.rpm aeb60443860bbb7e88a0288fb3e2f6cd mbs2/x86_64/php-ftp-5.5.24-1.mbs2.x86_64.rpm 226a551699749179b94570dfa3c50986 mbs2/x86_64/php-gd-5.5.24-1.mbs2.x86_64.rpm 5e29df38df1b862e4ba3b5486cdbcc47 mbs2/x86_64/php-gettext-5.5.24-1.mbs2.x86_64.rpm ead9effbca236c6c2902955935c28225 mbs2/x86_64/php-gmp-5.5.24-1.mbs2.x86_64.rpm c8f01d16bb8cbbd1d891c68c54d2dd16 mbs2/x86_64/php-hash-5.5.24-1.mbs2.x86_64.rpm c1c7332cf8dc2c0d21cb57bf4d7f81dd mbs2/x86_64/php-iconv-5.5.24-1.mbs2.x86_64.rpm 7f86a963f8cf5e6351acd1fdf995b7a1 mbs2/x86_64/php-imap-5.5.24-1.mbs2.x86_64.rpm 215c060793b574a36c28131dca9bf9c7 mbs2/x86_64/php-ini-5.5.24-1.mbs2.x86_64.rpm 7f07f161b4e1885aa807d3753d948e10 mbs2/x86_64/php-interbase-5.5.24-1.mbs2.x86_64.rpm 8171c9830749db254898f80f8ecbdd04 mbs2/x86_64/php-intl-5.5.24-1.mbs2.x86_64.rpm 1fa26b49fa8e0b776d484b4fcc0d4bf3 mbs2/x86_64/php-json-5.5.24-1.mbs2.x86_64.rpm 29051ac44b6e2068a71c026e9d458536 mbs2/x86_64/php-ldap-5.5.24-1.mbs2.x86_64.rpm 3d97347fe4b9589ae80b7fd16c281dcd mbs2/x86_64/php-mbstring-5.5.24-1.mbs2.x86_64.rpm 1a5a41400380b4bcde25d2b693e1dab0 mbs2/x86_64/php-mcrypt-5.5.24-1.mbs2.x86_64.rpm a79635ca99cd7ae80d1661373161da1f mbs2/x86_64/php-mssql-5.5.24-1.mbs2.x86_64.rpm cdc3bde549c9ae73915db8a0e0919ce5 mbs2/x86_64/php-mysql-5.5.24-1.mbs2.x86_64.rpm 7a72c1ab11020a2c52aa3a74636d5342 mbs2/x86_64/php-mysqli-5.5.24-1.mbs2.x86_64.rpm 93fb357f9dbf32887a98a5409b3b8a16 mbs2/x86_64/php-mysqlnd-5.5.24-1.mbs2.x86_64.rpm caf79717e1ca56ec3e53fdaa25e734aa mbs2/x86_64/php-odbc-5.5.24-1.mbs2.x86_64.rpm eb293f64d2bd635c70d36274275e60bb mbs2/x86_64/php-opcache-5.5.24-1.mbs2.x86_64.rpm 91847d268cb8a62eb0e89fc95a9c51e6 mbs2/x86_64/php-openssl-5.5.24-1.mbs2.x86_64.rpm 35e065d8684684e3e304bafbb309c895 mbs2/x86_64/php-pcntl-5.5.24-1.mbs2.x86_64.rpm d65e05e7edf7480ed362783dc75609be mbs2/x86_64/php-pdo-5.5.24-1.mbs2.x86_64.rpm 8657b2e1171497ff9ae5864ecccfeb23 mbs2/x86_64/php-pdo_dblib-5.5.24-1.mbs2.x86_64.rpm 19c9414ced1e0806b77347f9427d6653 mbs2/x86_64/php-pdo_firebird-5.5.24-1.mbs2.x86_64.rpm 28b09335667ac3993f1aca5da234df8a mbs2/x86_64/php-pdo_mysql-5.5.24-1.mbs2.x86_64.rpm b928f58777cfbd848985606bd680bf8f mbs2/x86_64/php-pdo_odbc-5.5.24-1.mbs2.x86_64.rpm ba6bf3afe9d497b9f1d99cb467b13ca5 mbs2/x86_64/php-pdo_pgsql-5.5.24-1.mbs2.x86_64.rpm 21823497094c28ce7bf74f052122fe99 mbs2/x86_64/php-pdo_sqlite-5.5.24-1.mbs2.x86_64.rpm 4a6a259c16ca5bad2b466f29acad4985 mbs2/x86_64/php-pgsql-5.5.24-1.mbs2.x86_64.rpm 7c9c9f9555a74f3257c6e8f16222d21f mbs2/x86_64/php-phar-5.5.24-1.mbs2.x86_64.rpm db4254db501a4fca54fa367b20f068f4 mbs2/x86_64/php-posix-5.5.24-1.mbs2.x86_64.rpm 10fb26df5f5a5d3b1988c40678b56fb6 mbs2/x86_64/php-readline-5.5.24-1.mbs2.x86_64.rpm c20ddec24b84440146734feb639b0f00 mbs2/x86_64/php-recode-5.5.24-1.mbs2.x86_64.rpm 68a49598e99391f37342a3d23a1414e7 mbs2/x86_64/php-session-5.5.24-1.mbs2.x86_64.rpm a26563d738120cba5f81ddda143ca55f mbs2/x86_64/php-shmop-5.5.24-1.mbs2.x86_64.rpm d69120a1ed4aeb3fe229cc83120d8c78 mbs2/x86_64/php-snmp-5.5.24-1.mbs2.x86_64.rpm 4596e3f325f70a29bf12d76793984b20 mbs2/x86_64/php-soap-5.5.24-1.mbs2.x86_64.rpm 7deda5cc9443b117fad82352943353ff mbs2/x86_64/php-sockets-5.5.24-1.mbs2.x86_64.rpm bc3f0ad45bb5bf488c73a5933a70d2c0 mbs2/x86_64/php-sqlite3-5.5.24-1.mbs2.x86_64.rpm 295fa388d26e62dcb0faf23c6e690ffa mbs2/x86_64/php-sybase_ct-5.5.24-1.mbs2.x86_64.rpm 88367608d60aac24ca0b0d0d92187b0e mbs2/x86_64/php-sysvmsg-5.5.24-1.mbs2.x86_64.rpm 36eac7d0e9a1f148e8954912db56dc13 mbs2/x86_64/php-sysvsem-5.5.24-1.mbs2.x86_64.rpm 74e6909f0c7a516bd99625c649bed33c mbs2/x86_64/php-sysvshm-5.5.24-1.mbs2.x86_64.rpm 9142ae8fb4665580503bc0520d3aaf89 mbs2/x86_64/php-tidy-5.5.24-1.mbs2.x86_64.rpm 4ee29061197f48af9c987d31abdec823 mbs2/x86_64/php-timezonedb-2015.4-1.mbs2.x86_64.rpm eafea4beda5144dd3adac0afce3f2258 mbs2/x86_64/php-tokenizer-5.5.24-1.mbs2.x86_64.rpm 505c78284f22f95d8a574c13ea043bc4 mbs2/x86_64/php-wddx-5.5.24-1.mbs2.x86_64.rpm e7e4fe996d11553ebd80ad4392caae2e mbs2/x86_64/php-xml-5.5.24-1.mbs2.x86_64.rpm 7a1c383a450c6a80f95255434e5390fd mbs2/x86_64/php-xmlreader-5.5.24-1.mbs2.x86_64.rpm 2af0b36e46ba236da59a98631c664bd9 mbs2/x86_64/php-xmlrpc-5.5.24-1.mbs2.x86_64.rpm a3f77553286094ecd60e174cfdb0e6dc mbs2/x86_64/php-xmlwriter-5.5.24-1.mbs2.x86_64.rpm b3bb2d250c73f7c355394353b4c0599d mbs2/x86_64/php-xsl-5.5.24-1.mbs2.x86_64.rpm a8f9476cba7a6aaab6eee8da66fd8fea mbs2/x86_64/php-zip-5.5.24-1.mbs2.x86_64.rpm 43d4282dddd18c07b87774cf704ce5be mbs2/x86_64/php-zlib-5.5.24-1.mbs2.x86_64.rpm 8cdfdd3582b44c38d735c58aea9e45f7 mbs2/SRPMS/php-5.5.24-1.mbs2.src.rpm 09afb4a05a8a1add563f2cb348fb2b0d mbs2/SRPMS/php-timezonedb-2015.4-1.mbs2.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    CVE-2015-4024

    Denial of service when processing multipart/form-data requests.
    

    For the oldstable distribution (wheezy), these problems have been fixed in version 5.4.41-0+deb7u1.

    For the stable distribution (jessie), these problems have been fixed in version 5.6.9+dfsg-0+deb8u1.

    For the testing distribution (stretch), these problems have been fixed in version 5.6.9+dfsg-1.

    For the unstable distribution (sid), these problems have been fixed in version 5.6.9+dfsg-1.

    We recommend that you upgrade your php5 packages

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.5.14"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.5.23"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.5.1"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.5.12"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.5.0"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.5.3"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.5.19"
          },
          {
            "_id": null,
            "model": "enterprise linux server eus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.10.4"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.10.0"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.9.5"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.6.8"
          },
          {
            "_id": null,
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.5.9"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.5.2"
          },
          {
            "_id": null,
            "model": "enterprise linux hpc node",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.5.5"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.6.6"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.5.22"
          },
          {
            "_id": null,
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.10.2"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.6.7"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.5.10"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.5.18"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "6"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.5.7"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "11.2"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "7"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.5.11"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.5.8"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.5.13"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.5.6"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.6.0"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.6.4"
          },
          {
            "_id": null,
            "model": "enterprise linux hpc node eus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.5.20"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.6.2"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.4.39"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.10.3"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.10.1"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.6.3"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.6.5"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.5.4"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.5.21"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "10.9.5 (ht205031)"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "the php group",
            "version": "5.5.24"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "10.6.8 thats all  10.11"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "the php group",
            "version": "5.6.x"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "apple",
            "version": "(ht205267)"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "the php group",
            "version": "5.6.8"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "the php group",
            "version": "5.5.x"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "10.10 to  10.10.4 (ht205031)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "12.04"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "12.04"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "hat enterprise linux workstation optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux hpc node optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux hpc node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "php",
            "version": "5.4.3"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "php",
            "version": "5.4.2"
          },
          {
            "_id": null,
            "model": "php",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "php",
            "version": "5.4.1"
          },
          {
            "_id": null,
            "model": "5.5.0-dev",
            "scope": null,
            "trust": 0.3,
            "vendor": "php",
            "version": null
          },
          {
            "_id": null,
            "model": "5.4.1rc1-dev",
            "scope": null,
            "trust": 0.3,
            "vendor": "php",
            "version": null
          },
          {
            "_id": null,
            "model": "5.4.0beta2",
            "scope": null,
            "trust": 0.3,
            "vendor": "php",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "6"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.4"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.3"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.1"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "74240"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-041"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-003046"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3329"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:php:php",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:apple:mac_os_x",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-003046"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "emmanuel law",
        "sources": [
          {
            "db": "BID",
            "id": "74240"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2015-3329",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2015-3329",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-81290",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2015-3329",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2015-3329",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201505-041",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-81290",
                "trust": 0.1,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2015-3329",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-81290"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3329"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-041"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-003046"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3329"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive. PHP is prone to a buffer-overflow vulnerability. \nAttackers can exploit this issue to execute  arbitrary code in the context of the affected application. Failed  exploit attempts will result in denial-of-service conditions. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by the PHP Group and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. The following versions are affected: PHP prior to 5.4.40, 5.5.x prior to 5.5.24, and 5.6.x prior to 5.6.8. ==========================================================================\nUbuntu Security Notice USN-2572-1\nApril 20, 2015\n\nphp5 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.10\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n- Ubuntu 10.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in PHP. This issue only applied to\nUbuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-2348)\n\nIt was discovered that PHP incorrectly handled unserializing PHAR files. \n(CVE-2015-2787)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.10:\n  libapache2-mod-php5             5.5.12+dfsg-2ubuntu4.4\n  php5-cgi                        5.5.12+dfsg-2ubuntu4.4\n  php5-cli                        5.5.12+dfsg-2ubuntu4.4\n  php5-fpm                        5.5.12+dfsg-2ubuntu4.4\n\nUbuntu 14.04 LTS:\n  libapache2-mod-php5             5.5.9+dfsg-1ubuntu4.9\n  php5-cgi                        5.5.9+dfsg-1ubuntu4.9\n  php5-cli                        5.5.9+dfsg-1ubuntu4.9\n  php5-fpm                        5.5.9+dfsg-1ubuntu4.9\n\nUbuntu 12.04 LTS:\n  libapache2-mod-php5             5.3.10-1ubuntu3.18\n  php5-cgi                        5.3.10-1ubuntu3.18\n  php5-cli                        5.3.10-1ubuntu3.18\n  php5-fpm                        5.3.10-1ubuntu3.18\n\nUbuntu 10.04 LTS:\n  libapache2-mod-php5             5.3.2-1ubuntu4.30\n  php5-cgi                        5.3.2-1ubuntu4.30\n  php5-cli                        5.3.2-1ubuntu4.30\n\nIn general, a standard system update will make all the necessary changes. 6) - i386, x86_64\n\n3. (CVE-2014-9709)\n\nA double free flaw was found in zend_ts_hash_graceful_destroy() function in\nthe PHP ZTS module. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Important: php security and bug fix update\nAdvisory ID:       RHSA-2015:1135-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2015-1135.html\nIssue date:        2015-06-23\nCVE Names:         CVE-2014-8142 CVE-2014-9652 CVE-2014-9705 \n                   CVE-2014-9709 CVE-2015-0231 CVE-2015-0232 \n                   CVE-2015-0273 CVE-2015-2301 CVE-2015-2348 \n                   CVE-2015-2783 CVE-2015-2787 CVE-2015-3307 \n                   CVE-2015-3329 CVE-2015-3330 CVE-2015-3411 \n                   CVE-2015-3412 CVE-2015-4021 CVE-2015-4022 \n                   CVE-2015-4024 CVE-2015-4025 CVE-2015-4026 \n                   CVE-2015-4147 CVE-2015-4148 CVE-2015-4598 \n                   CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 \n                   CVE-2015-4602 CVE-2015-4603 CVE-2015-4604 \n                   CVE-2015-4605 \n=====================================================================\n\n1. Summary:\n\nUpdated php packages that fix multiple security issues and several bugs\nare now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nPHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server. \n\nA flaw was found in the way the PHP module for the Apache httpd web server\nhandled pipelined requests. A remote attacker could use this flaw to\ntrigger the execution of a PHP script in a deinitialized interpreter,\ncausing it to crash or, possibly, execute arbitrary code. (CVE-2015-3330)\n\nA flaw was found in the way PHP parsed multipart HTTP POST requests. A\nspecially crafted request could cause PHP to use an excessive amount of CPU\ntime. (CVE-2015-4024)\n\nAn uninitialized pointer use flaw was found in PHP\u0027s Exif extension. A\nspecially crafted JPEG or TIFF file could cause a PHP application using the\nexif_read_data() function to crash or, possibly, execute arbitrary code\nwith the privileges of the user running that PHP application. \n(CVE-2015-0232)\n\nAn integer overflow flaw leading to a heap-based buffer overflow was found\nin the way PHP\u0027s FTP extension parsed file listing FTP server responses. A\nmalicious FTP server could use this flaw to cause a PHP application to\ncrash or, possibly, execute arbitrary code. (CVE-2015-4022)\n\nMultiple flaws were discovered in the way PHP performed object\nunserialization. (CVE-2014-8142, CVE-2015-0231, CVE-2015-0273,\nCVE-2015-2787, CVE-2015-4147, CVE-2015-4148, CVE-2015-4599, CVE-2015-4600,\nCVE-2015-4601, CVE-2015-4602, CVE-2015-4603)\n\nIt was found that certain PHP functions did not properly handle file names\ncontaining a NULL character. A remote attacker could possibly use this flaw\nto make a PHP script access unexpected files and bypass intended file\nsystem access restrictions. (CVE-2015-2348, CVE-2015-4025, CVE-2015-4026,\nCVE-2015-3411, CVE-2015-3412, CVE-2015-4598)\n\nMultiple flaws were found in the way the way PHP\u0027s Phar extension parsed\nPhar archives. (CVE-2015-2301,\nCVE-2015-2783, CVE-2015-3307, CVE-2015-3329, CVE-2015-4021)\n\nMultiple flaws were found in PHP\u0027s File Information (fileinfo) extension. \nA remote attacker could cause a PHP application to crash if it used\nfileinfo to identify type of attacker supplied files. (CVE-2014-9652,\nCVE-2015-4604, CVE-2015-4605)\n\nA heap buffer overflow flaw was found in the enchant_broker_request_dict()\nfunction of PHP\u0027s enchant extension. An attacker able to make a PHP\napplication enchant dictionaries could possibly cause it to crash. \n(CVE-2014-9705)\n\nA buffer over-read flaw was found in the GD library used by the PHP gd\nextension. A specially crafted GIF file could cause a PHP application using\nthe imagecreatefromgif() function to crash. (CVE-2014-9709)\n\nThis update also fixes the following bugs:\n\n* The libgmp library in some cases terminated unexpectedly with a\nsegmentation fault when being used with other libraries that use the GMP\nmemory management. With this update, PHP no longer changes libgmp memory\nallocators, which prevents the described crash from occurring. (BZ#1212305)\n\n* When using the Open Database Connectivity (ODBC) API, the PHP process\nin some cases terminated unexpectedly with a segmentation fault. The\nunderlying code has been adjusted to prevent this crash. (BZ#1212299)\n\n* Previously, running PHP on a big-endian system sometimes led to memory\ncorruption in the fileinfo module. This update adjusts the behavior of\nthe PHP pointer so that it can be freed without causing memory corruption. \n(BZ#1212298)\n\nAll php users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1175718 - CVE-2014-8142 php: use after free vulnerability in unserialize()\n1185397 - CVE-2015-0231 php: use after free vulnerability in unserialize() (incomplete fix of CVE-2014-8142)\n1185472 - CVE-2015-0232 php: Free called on unitialized pointer in exif.c\n1188599 - CVE-2014-9652 file: out of bounds read in mconvert()\n1188639 - CVE-2014-9709 gd: buffer read overflow in gd_gif_in.c\n1194730 - CVE-2015-0273 php: use after free vulnerability in unserialize() with DateTimeZone\n1194737 - CVE-2014-9705 php: heap buffer overflow in enchant_broker_request_dict()\n1194747 - CVE-2015-2301 php: use after free in phar_object.c\n1204868 - CVE-2015-4147 php: SoapClient\u0027s __call() type confusion through unserialize()\n1207676 - CVE-2015-2787 php: use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re\n1207682 - CVE-2015-2348 php: move_uploaded_file() NUL byte injection in file name\n1213394 - CVE-2015-3330 php: pipelined request executed in deinitialized interpreter under httpd 2.4\n1213407 - CVE-2015-3411 php: missing null byte checks for paths in various PHP extensions\n1213442 - CVE-2015-4604 CVE-2015-4605 php: denial of service when processing a crafted file with Fileinfo\n1213446 - CVE-2015-2783 php: buffer over-read in Phar metadata parsing\n1213449 - CVE-2015-3329 php: buffer overflow in phar_set_inode()\n1222485 - CVE-2015-4024 php: multipart/form-data request paring CPU usage DoS\n1222538 - CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 php: type confusion issue in unserialize() with various SOAP methods\n1223408 - CVE-2015-4025 php: CVE-2006-7243 regressions in 5.4+\n1223412 - CVE-2015-4022 php: integer overflow leading to heap overflow when reading FTP file listing\n1223422 - CVE-2015-4026 php: pcntl_exec() accepts paths with NUL character\n1223425 - CVE-2015-4021 php: memory corruption in phar_parse_tarfile caused by empty entry file name\n1223441 - CVE-2015-3307 php: invalid pointer free() in phar_tar_process_metadata()\n1226916 - CVE-2015-4148 php: SoapClient\u0027s do_soap_call() type confusion after unserialize()\n1232823 - CVE-2015-3412 php: missing null byte checks for paths in various PHP extensions\n1232897 - CVE-2015-4598 php: missing null byte checks for paths in DOM and GD extensions\n1232918 - CVE-2015-4603 php: exception::getTraceAsString type confusion issue after unserialize\n1232923 - CVE-2015-4602 php: Incomplete Class unserialization type confusion\n\n6. Package List:\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nSource:\nphp-5.4.16-36.el7_1.src.rpm\n\nx86_64:\nphp-5.4.16-36.el7_1.x86_64.rpm\nphp-bcmath-5.4.16-36.el7_1.x86_64.rpm\nphp-cli-5.4.16-36.el7_1.x86_64.rpm\nphp-common-5.4.16-36.el7_1.x86_64.rpm\nphp-dba-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-devel-5.4.16-36.el7_1.x86_64.rpm\nphp-embedded-5.4.16-36.el7_1.x86_64.rpm\nphp-enchant-5.4.16-36.el7_1.x86_64.rpm\nphp-fpm-5.4.16-36.el7_1.x86_64.rpm\nphp-gd-5.4.16-36.el7_1.x86_64.rpm\nphp-intl-5.4.16-36.el7_1.x86_64.rpm\nphp-ldap-5.4.16-36.el7_1.x86_64.rpm\nphp-mbstring-5.4.16-36.el7_1.x86_64.rpm\nphp-mysql-5.4.16-36.el7_1.x86_64.rpm\nphp-mysqlnd-5.4.16-36.el7_1.x86_64.rpm\nphp-odbc-5.4.16-36.el7_1.x86_64.rpm\nphp-pdo-5.4.16-36.el7_1.x86_64.rpm\nphp-pgsql-5.4.16-36.el7_1.x86_64.rpm\nphp-process-5.4.16-36.el7_1.x86_64.rpm\nphp-pspell-5.4.16-36.el7_1.x86_64.rpm\nphp-recode-5.4.16-36.el7_1.x86_64.rpm\nphp-snmp-5.4.16-36.el7_1.x86_64.rpm\nphp-soap-5.4.16-36.el7_1.x86_64.rpm\nphp-xml-5.4.16-36.el7_1.x86_64.rpm\nphp-xmlrpc-5.4.16-36.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nSource:\nphp-5.4.16-36.el7_1.src.rpm\n\nx86_64:\nphp-5.4.16-36.el7_1.x86_64.rpm\nphp-bcmath-5.4.16-36.el7_1.x86_64.rpm\nphp-cli-5.4.16-36.el7_1.x86_64.rpm\nphp-common-5.4.16-36.el7_1.x86_64.rpm\nphp-dba-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-devel-5.4.16-36.el7_1.x86_64.rpm\nphp-embedded-5.4.16-36.el7_1.x86_64.rpm\nphp-enchant-5.4.16-36.el7_1.x86_64.rpm\nphp-fpm-5.4.16-36.el7_1.x86_64.rpm\nphp-gd-5.4.16-36.el7_1.x86_64.rpm\nphp-intl-5.4.16-36.el7_1.x86_64.rpm\nphp-ldap-5.4.16-36.el7_1.x86_64.rpm\nphp-mbstring-5.4.16-36.el7_1.x86_64.rpm\nphp-mysql-5.4.16-36.el7_1.x86_64.rpm\nphp-mysqlnd-5.4.16-36.el7_1.x86_64.rpm\nphp-odbc-5.4.16-36.el7_1.x86_64.rpm\nphp-pdo-5.4.16-36.el7_1.x86_64.rpm\nphp-pgsql-5.4.16-36.el7_1.x86_64.rpm\nphp-process-5.4.16-36.el7_1.x86_64.rpm\nphp-pspell-5.4.16-36.el7_1.x86_64.rpm\nphp-recode-5.4.16-36.el7_1.x86_64.rpm\nphp-snmp-5.4.16-36.el7_1.x86_64.rpm\nphp-soap-5.4.16-36.el7_1.x86_64.rpm\nphp-xml-5.4.16-36.el7_1.x86_64.rpm\nphp-xmlrpc-5.4.16-36.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nphp-5.4.16-36.el7_1.src.rpm\n\nppc64:\nphp-5.4.16-36.el7_1.ppc64.rpm\nphp-cli-5.4.16-36.el7_1.ppc64.rpm\nphp-common-5.4.16-36.el7_1.ppc64.rpm\nphp-debuginfo-5.4.16-36.el7_1.ppc64.rpm\nphp-gd-5.4.16-36.el7_1.ppc64.rpm\nphp-ldap-5.4.16-36.el7_1.ppc64.rpm\nphp-mysql-5.4.16-36.el7_1.ppc64.rpm\nphp-odbc-5.4.16-36.el7_1.ppc64.rpm\nphp-pdo-5.4.16-36.el7_1.ppc64.rpm\nphp-pgsql-5.4.16-36.el7_1.ppc64.rpm\nphp-process-5.4.16-36.el7_1.ppc64.rpm\nphp-recode-5.4.16-36.el7_1.ppc64.rpm\nphp-soap-5.4.16-36.el7_1.ppc64.rpm\nphp-xml-5.4.16-36.el7_1.ppc64.rpm\nphp-xmlrpc-5.4.16-36.el7_1.ppc64.rpm\n\ns390x:\nphp-5.4.16-36.el7_1.s390x.rpm\nphp-cli-5.4.16-36.el7_1.s390x.rpm\nphp-common-5.4.16-36.el7_1.s390x.rpm\nphp-debuginfo-5.4.16-36.el7_1.s390x.rpm\nphp-gd-5.4.16-36.el7_1.s390x.rpm\nphp-ldap-5.4.16-36.el7_1.s390x.rpm\nphp-mysql-5.4.16-36.el7_1.s390x.rpm\nphp-odbc-5.4.16-36.el7_1.s390x.rpm\nphp-pdo-5.4.16-36.el7_1.s390x.rpm\nphp-pgsql-5.4.16-36.el7_1.s390x.rpm\nphp-process-5.4.16-36.el7_1.s390x.rpm\nphp-recode-5.4.16-36.el7_1.s390x.rpm\nphp-soap-5.4.16-36.el7_1.s390x.rpm\nphp-xml-5.4.16-36.el7_1.s390x.rpm\nphp-xmlrpc-5.4.16-36.el7_1.s390x.rpm\n\nx86_64:\nphp-5.4.16-36.el7_1.x86_64.rpm\nphp-cli-5.4.16-36.el7_1.x86_64.rpm\nphp-common-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-gd-5.4.16-36.el7_1.x86_64.rpm\nphp-ldap-5.4.16-36.el7_1.x86_64.rpm\nphp-mysql-5.4.16-36.el7_1.x86_64.rpm\nphp-odbc-5.4.16-36.el7_1.x86_64.rpm\nphp-pdo-5.4.16-36.el7_1.x86_64.rpm\nphp-pgsql-5.4.16-36.el7_1.x86_64.rpm\nphp-process-5.4.16-36.el7_1.x86_64.rpm\nphp-recode-5.4.16-36.el7_1.x86_64.rpm\nphp-soap-5.4.16-36.el7_1.x86_64.rpm\nphp-xml-5.4.16-36.el7_1.x86_64.rpm\nphp-xmlrpc-5.4.16-36.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nphp-5.4.16-36.ael7b_1.src.rpm\n\nppc64le:\nphp-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-cli-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-common-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-debuginfo-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-gd-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-ldap-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-mysql-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-odbc-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-pdo-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-pgsql-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-process-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-recode-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-soap-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-xml-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-xmlrpc-5.4.16-36.ael7b_1.ppc64le.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nphp-bcmath-5.4.16-36.el7_1.ppc64.rpm\nphp-dba-5.4.16-36.el7_1.ppc64.rpm\nphp-debuginfo-5.4.16-36.el7_1.ppc64.rpm\nphp-devel-5.4.16-36.el7_1.ppc64.rpm\nphp-embedded-5.4.16-36.el7_1.ppc64.rpm\nphp-enchant-5.4.16-36.el7_1.ppc64.rpm\nphp-fpm-5.4.16-36.el7_1.ppc64.rpm\nphp-intl-5.4.16-36.el7_1.ppc64.rpm\nphp-mbstring-5.4.16-36.el7_1.ppc64.rpm\nphp-mysqlnd-5.4.16-36.el7_1.ppc64.rpm\nphp-pspell-5.4.16-36.el7_1.ppc64.rpm\nphp-snmp-5.4.16-36.el7_1.ppc64.rpm\n\ns390x:\nphp-bcmath-5.4.16-36.el7_1.s390x.rpm\nphp-dba-5.4.16-36.el7_1.s390x.rpm\nphp-debuginfo-5.4.16-36.el7_1.s390x.rpm\nphp-devel-5.4.16-36.el7_1.s390x.rpm\nphp-embedded-5.4.16-36.el7_1.s390x.rpm\nphp-enchant-5.4.16-36.el7_1.s390x.rpm\nphp-fpm-5.4.16-36.el7_1.s390x.rpm\nphp-intl-5.4.16-36.el7_1.s390x.rpm\nphp-mbstring-5.4.16-36.el7_1.s390x.rpm\nphp-mysqlnd-5.4.16-36.el7_1.s390x.rpm\nphp-pspell-5.4.16-36.el7_1.s390x.rpm\nphp-snmp-5.4.16-36.el7_1.s390x.rpm\n\nx86_64:\nphp-bcmath-5.4.16-36.el7_1.x86_64.rpm\nphp-dba-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-devel-5.4.16-36.el7_1.x86_64.rpm\nphp-embedded-5.4.16-36.el7_1.x86_64.rpm\nphp-enchant-5.4.16-36.el7_1.x86_64.rpm\nphp-fpm-5.4.16-36.el7_1.x86_64.rpm\nphp-intl-5.4.16-36.el7_1.x86_64.rpm\nphp-mbstring-5.4.16-36.el7_1.x86_64.rpm\nphp-mysqlnd-5.4.16-36.el7_1.x86_64.rpm\nphp-pspell-5.4.16-36.el7_1.x86_64.rpm\nphp-snmp-5.4.16-36.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64le:\nphp-bcmath-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-dba-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-debuginfo-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-devel-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-embedded-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-enchant-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-fpm-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-intl-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-mbstring-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-mysqlnd-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-pspell-5.4.16-36.ael7b_1.ppc64le.rpm\nphp-snmp-5.4.16-36.ael7b_1.ppc64le.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nphp-5.4.16-36.el7_1.src.rpm\n\nx86_64:\nphp-5.4.16-36.el7_1.x86_64.rpm\nphp-cli-5.4.16-36.el7_1.x86_64.rpm\nphp-common-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-gd-5.4.16-36.el7_1.x86_64.rpm\nphp-ldap-5.4.16-36.el7_1.x86_64.rpm\nphp-mysql-5.4.16-36.el7_1.x86_64.rpm\nphp-odbc-5.4.16-36.el7_1.x86_64.rpm\nphp-pdo-5.4.16-36.el7_1.x86_64.rpm\nphp-pgsql-5.4.16-36.el7_1.x86_64.rpm\nphp-process-5.4.16-36.el7_1.x86_64.rpm\nphp-recode-5.4.16-36.el7_1.x86_64.rpm\nphp-soap-5.4.16-36.el7_1.x86_64.rpm\nphp-xml-5.4.16-36.el7_1.x86_64.rpm\nphp-xmlrpc-5.4.16-36.el7_1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nphp-bcmath-5.4.16-36.el7_1.x86_64.rpm\nphp-dba-5.4.16-36.el7_1.x86_64.rpm\nphp-debuginfo-5.4.16-36.el7_1.x86_64.rpm\nphp-devel-5.4.16-36.el7_1.x86_64.rpm\nphp-embedded-5.4.16-36.el7_1.x86_64.rpm\nphp-enchant-5.4.16-36.el7_1.x86_64.rpm\nphp-fpm-5.4.16-36.el7_1.x86_64.rpm\nphp-intl-5.4.16-36.el7_1.x86_64.rpm\nphp-mbstring-5.4.16-36.el7_1.x86_64.rpm\nphp-mysqlnd-5.4.16-36.el7_1.x86_64.rpm\nphp-pspell-5.4.16-36.el7_1.x86_64.rpm\nphp-snmp-5.4.16-36.el7_1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2014-8142\nhttps://access.redhat.com/security/cve/CVE-2014-9652\nhttps://access.redhat.com/security/cve/CVE-2014-9705\nhttps://access.redhat.com/security/cve/CVE-2014-9709\nhttps://access.redhat.com/security/cve/CVE-2015-0231\nhttps://access.redhat.com/security/cve/CVE-2015-0232\nhttps://access.redhat.com/security/cve/CVE-2015-0273\nhttps://access.redhat.com/security/cve/CVE-2015-2301\nhttps://access.redhat.com/security/cve/CVE-2015-2348\nhttps://access.redhat.com/security/cve/CVE-2015-2783\nhttps://access.redhat.com/security/cve/CVE-2015-2787\nhttps://access.redhat.com/security/cve/CVE-2015-3307\nhttps://access.redhat.com/security/cve/CVE-2015-3329\nhttps://access.redhat.com/security/cve/CVE-2015-3330\nhttps://access.redhat.com/security/cve/CVE-2015-3411\nhttps://access.redhat.com/security/cve/CVE-2015-3412\nhttps://access.redhat.com/security/cve/CVE-2015-4021\nhttps://access.redhat.com/security/cve/CVE-2015-4022\nhttps://access.redhat.com/security/cve/CVE-2015-4024\nhttps://access.redhat.com/security/cve/CVE-2015-4025\nhttps://access.redhat.com/security/cve/CVE-2015-4026\nhttps://access.redhat.com/security/cve/CVE-2015-4147\nhttps://access.redhat.com/security/cve/CVE-2015-4148\nhttps://access.redhat.com/security/cve/CVE-2015-4598\nhttps://access.redhat.com/security/cve/CVE-2015-4599\nhttps://access.redhat.com/security/cve/CVE-2015-4600\nhttps://access.redhat.com/security/cve/CVE-2015-4601\nhttps://access.redhat.com/security/cve/CVE-2015-4602\nhttps://access.redhat.com/security/cve/CVE-2015-4603\nhttps://access.redhat.com/security/cve/CVE-2015-4604\nhttps://access.redhat.com/security/cve/CVE-2015-4605\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFViR1aXlSAg2UNWIIRAuxPAJ42GLQVzvzc9kje0VjDv8NZWcPv6QCbBL+O\ndtqycPWs+07GhjmZ6NNx5Bg=\n=FREZ\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201606-10\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                           https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: PHP: Multiple vulnerabilities\n     Date: June 19, 2016\n     Bugs: #537586, #541098, #544186, #544330, #546872, #549538,\n           #552408, #555576, #555830, #556952, #559612, #562882,\n           #571254, #573892, #577376\n       ID: 201606-10\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in PHP, the worst of which\ncould lead to arbitrary code execution, or cause a Denial of Service\ncondition. \n\nBackground\n==========\n\nPHP is a widely-used general-purpose scripting language that is\nespecially suited for Web development and can be embedded into HTML. Please review the\nCVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll PHP 5.4 users should upgrade to the latest 5.5 stable branch, as\nPHP 5.4 is now masked in Portage:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=dev=lang/php-5.5.33\"\n\nAll PHP 5.5 users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=dev=lang/php-5.5.33\"\n\nAll PHP 5.6 users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=dev=lang/php-5.6.19\"\n\nReferences\n==========\n\n[  1 ] CVE-2013-6501\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6501\n[  2 ] CVE-2014-9705\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9705\n[  3 ] CVE-2014-9709\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9709\n[  4 ] CVE-2015-0231\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0231\n[  5 ] CVE-2015-0273\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0273\n[  6 ] CVE-2015-1351\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1351\n[  7 ] CVE-2015-1352\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1352\n[  8 ] CVE-2015-2301\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2301\n[  9 ] CVE-2015-2348\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2348\n[ 10 ] CVE-2015-2783\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2783\n[ 11 ] CVE-2015-2787\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2787\n[ 12 ] CVE-2015-3329\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3329\n[ 13 ] CVE-2015-3330\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3330\n[ 14 ] CVE-2015-4021\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4021\n[ 15 ] CVE-2015-4022\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4022\n[ 16 ] CVE-2015-4025\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4025\n[ 17 ] CVE-2015-4026\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4026\n[ 18 ] CVE-2015-4147\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4147\n[ 19 ] CVE-2015-4148\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4148\n[ 20 ] CVE-2015-4642\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4642\n[ 21 ] CVE-2015-4643\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4643\n[ 22 ] CVE-2015-4644\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4644\n[ 23 ] CVE-2015-6831\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6831\n[ 24 ] CVE-2015-6832\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6832\n[ 25 ] CVE-2015-6833\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6833\n[ 26 ] CVE-2015-6834\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6834\n[ 27 ] CVE-2015-6835\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6835\n[ 28 ] CVE-2015-6836\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6836\n[ 29 ] CVE-2015-6837\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6837\n[ 30 ] CVE-2015-6838\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6838\n[ 31 ] CVE-2015-7803\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7803\n[ 32 ] CVE-2015-7804\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7804\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201606-10\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. \n \n Buffer Overflow when parsing tar/zip/phar in phar_set_inode\n (CVE-2015-3329). \n \n Potential remote code execution with apache 2.4 apache2handler\n (CVE-2015-3330). \n \n Additionally the timezonedb packages has been upgraded to the latest\n version and the PECL packages which requires so has been rebuilt\n for php-5.5.24. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2783\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3329\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3330\n http://advisories.mageia.org/MGASA-2015-0169.html\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 1/X86_64:\n fb5b4628263a821fb3e4075a5fb4e5b4  mbs1/x86_64/apache-mod_php-5.5.24-1.mbs1.x86_64.rpm\n 3c7f76ada5ccad65c212ee350fdffe87  mbs1/x86_64/lib64php5_common5-5.5.24-1.mbs1.x86_64.rpm\n 5400e21c3eaecc346e1eb8c712e9478f  mbs1/x86_64/php-apc-3.1.15-1.18.mbs1.x86_64.rpm\n 90ae23234441a8de169207ff7f045684  mbs1/x86_64/php-apc-admin-3.1.15-1.18.mbs1.x86_64.rpm\n a39b53bcacc941035d830ce1052540b3  mbs1/x86_64/php-bcmath-5.5.24-1.mbs1.x86_64.rpm\n ada97c19882cf313e4d7ebba0909f6d8  mbs1/x86_64/php-bz2-5.5.24-1.mbs1.x86_64.rpm\n c6e5c880827c6bc76dfb1c15460637b4  mbs1/x86_64/php-calendar-5.5.24-1.mbs1.x86_64.rpm\n 6535a7223184cec5ac17edb9e1d31388  mbs1/x86_64/php-cgi-5.5.24-1.mbs1.x86_64.rpm\n 16aa52d7dd47cc27cb5d7aec420944eb  mbs1/x86_64/php-cli-5.5.24-1.mbs1.x86_64.rpm\n 7983f9d1bf3039b5efdb0ed70329cccd  mbs1/x86_64/php-ctype-5.5.24-1.mbs1.x86_64.rpm\n 3cbc805a1610b54d191e2e3ca99c3ae4  mbs1/x86_64/php-curl-5.5.24-1.mbs1.x86_64.rpm\n f53dd6f08013c00ae1c95df14671624e  mbs1/x86_64/php-dba-5.5.24-1.mbs1.x86_64.rpm\n e2a5d632a8581e27a366191c9fd86424  mbs1/x86_64/php-devel-5.5.24-1.mbs1.x86_64.rpm\n 37bb13541a04b935c93600dc63e98047  mbs1/x86_64/php-doc-5.5.24-1.mbs1.noarch.rpm\n fad46645f9afb86eedf094cbe82eaebe  mbs1/x86_64/php-dom-5.5.24-1.mbs1.x86_64.rpm\n 22141396e7bccb2aac8a2e7c0d0f02aa  mbs1/x86_64/php-enchant-5.5.24-1.mbs1.x86_64.rpm\n e3f7bc72aad9e3fb7b9f25f64d9ca95c  mbs1/x86_64/php-exif-5.5.24-1.mbs1.x86_64.rpm\n 53a76b203f90a9008eb35cdf93aac246  mbs1/x86_64/php-fileinfo-5.5.24-1.mbs1.x86_64.rpm\n 7cb8c9592f48413f3783f49947563a8f  mbs1/x86_64/php-filter-5.5.24-1.mbs1.x86_64.rpm\n 3d34478d09bbf6848c8c2eaea0156feb  mbs1/x86_64/php-fpm-5.5.24-1.mbs1.x86_64.rpm\n fc47e9e9b740e94e5210854b7872af8f  mbs1/x86_64/php-ftp-5.5.24-1.mbs1.x86_64.rpm\n e22e5cf59f7d0c361b41e220fd0ebbde  mbs1/x86_64/php-gd-5.5.24-1.mbs1.x86_64.rpm\n cd5fef5777b58e0562ddeb3ca4b4e1dd  mbs1/x86_64/php-gettext-5.5.24-1.mbs1.x86_64.rpm\n aba136588f2c77f2cca4bcc300e7f0b5  mbs1/x86_64/php-gmp-5.5.24-1.mbs1.x86_64.rpm\n 8752b1e4f863b2cdadf08cfdcaf462f7  mbs1/x86_64/php-hash-5.5.24-1.mbs1.x86_64.rpm\n 36bef8c7e03cdffd66a4553266e1a13d  mbs1/x86_64/php-iconv-5.5.24-1.mbs1.x86_64.rpm\n 0b405f5f49d174745a4135e033fbe234  mbs1/x86_64/php-imap-5.5.24-1.mbs1.x86_64.rpm\n fc25a10fb623016b5e95595aa114274a  mbs1/x86_64/php-ini-5.5.24-1.mbs1.x86_64.rpm\n c4435a44b199cd4fadca0cac247aca06  mbs1/x86_64/php-intl-5.5.24-1.mbs1.x86_64.rpm\n ec611fd14d6b502990fe0a3ab243211a  mbs1/x86_64/php-json-5.5.24-1.mbs1.x86_64.rpm\n 519c8ae2df9aeca23d15953470c3a485  mbs1/x86_64/php-ldap-5.5.24-1.mbs1.x86_64.rpm\n f52168266f3d1df5a333f2acb83c7739  mbs1/x86_64/php-mbstring-5.5.24-1.mbs1.x86_64.rpm\n 8fed199f0b2be5b2d1780bed11c5c5d6  mbs1/x86_64/php-mcrypt-5.5.24-1.mbs1.x86_64.rpm\n e5d5276bcfaa7d951b4b543e76949a2f  mbs1/x86_64/php-mssql-5.5.24-1.mbs1.x86_64.rpm\n 0a34a8334cd8a3e4d7867a962df62f15  mbs1/x86_64/php-mysql-5.5.24-1.mbs1.x86_64.rpm\n 3fd0dcc4cb8c4ef136c68e243788aa85  mbs1/x86_64/php-mysqli-5.5.24-1.mbs1.x86_64.rpm\n d9db3dd5963888f69b11cdaa1d1c97e4  mbs1/x86_64/php-mysqlnd-5.5.24-1.mbs1.x86_64.rpm\n f27cbd0c9f968bfa7d6f10d8040a1f4f  mbs1/x86_64/php-odbc-5.5.24-1.mbs1.x86_64.rpm\n db18ba83bd3e8f82f189c4e93799de9a  mbs1/x86_64/php-opcache-5.5.24-1.mbs1.x86_64.rpm\n 7e02eaad2751f993fcd7af5a649b4707  mbs1/x86_64/php-openssl-5.5.24-1.mbs1.x86_64.rpm\n be43bdb8b4c0ea65901bb7ab4a12e1be  mbs1/x86_64/php-pcntl-5.5.24-1.mbs1.x86_64.rpm\n 57ba222e0921de0efcad052a1ed359cc  mbs1/x86_64/php-pdo-5.5.24-1.mbs1.x86_64.rpm\n 3ba50d22dead03f756136363e1e2ce27  mbs1/x86_64/php-pdo_dblib-5.5.24-1.mbs1.x86_64.rpm\n fe6858486fc7a42f7099f103fec8e0c9  mbs1/x86_64/php-pdo_mysql-5.5.24-1.mbs1.x86_64.rpm\n 407570e83b281be3515970aa6e24a773  mbs1/x86_64/php-pdo_odbc-5.5.24-1.mbs1.x86_64.rpm\n e5c66883133694a146b0f4840749a7d7  mbs1/x86_64/php-pdo_pgsql-5.5.24-1.mbs1.x86_64.rpm\n d41508abccb63d3b0c0d44a82596f1d6  mbs1/x86_64/php-pdo_sqlite-5.5.24-1.mbs1.x86_64.rpm\n 3f7dd514cca5b5259854043194099c4c  mbs1/x86_64/php-pgsql-5.5.24-1.mbs1.x86_64.rpm\n 1b6b8a0d2e033b35697757a49329d51e  mbs1/x86_64/php-phar-5.5.24-1.mbs1.x86_64.rpm\n 30e86f3079cd49241d680f46542b16b8  mbs1/x86_64/php-posix-5.5.24-1.mbs1.x86_64.rpm\n b065951f2e32008908857708ae2f1539  mbs1/x86_64/php-readline-5.5.24-1.mbs1.x86_64.rpm\n 13886e31952529313c505acbc7ebbbc6  mbs1/x86_64/php-recode-5.5.24-1.mbs1.x86_64.rpm\n 95ca2a29237d6f3e6f852431626be072  mbs1/x86_64/php-session-5.5.24-1.mbs1.x86_64.rpm\n f5f33541bc2a3b3f0b456989e20aa45c  mbs1/x86_64/php-shmop-5.5.24-1.mbs1.x86_64.rpm\n c5414a148aa0e25b03b9faf79c50693a  mbs1/x86_64/php-snmp-5.5.24-1.mbs1.x86_64.rpm\n d02afd660db7544b09328445c2f99ec6  mbs1/x86_64/php-soap-5.5.24-1.mbs1.x86_64.rpm\n 239a1c675cf3a4f853cc94cfc188e60e  mbs1/x86_64/php-sockets-5.5.24-1.mbs1.x86_64.rpm\n 04e689ed1f9163a149f3448cfe4bd218  mbs1/x86_64/php-sqlite3-5.5.24-1.mbs1.x86_64.rpm\n a39905d2eae282b1d06db94afbf51255  mbs1/x86_64/php-sybase_ct-5.5.24-1.mbs1.x86_64.rpm\n a7fd332d4fea37c9f3335a0d8921f228  mbs1/x86_64/php-sysvmsg-5.5.24-1.mbs1.x86_64.rpm\n b9fdd882caee7f469d3c285082e8f717  mbs1/x86_64/php-sysvsem-5.5.24-1.mbs1.x86_64.rpm\n 79ede61a89fae9e6fab33f1a99b3ded7  mbs1/x86_64/php-sysvshm-5.5.24-1.mbs1.x86_64.rpm\n 5f0b1072e400ccc886979e7647c160f2  mbs1/x86_64/php-tidy-5.5.24-1.mbs1.x86_64.rpm\n 1df6d933d3f5c14bb334b8e49df50901  mbs1/x86_64/php-timezonedb-2015.4-1.mbs1.x86_64.rpm\n e03d364e8d94dc5e509f89ad06b1ceec  mbs1/x86_64/php-tokenizer-5.5.24-1.mbs1.x86_64.rpm\n 4eb33980b578bc3f7c8436993e401a6b  mbs1/x86_64/php-wddx-5.5.24-1.mbs1.x86_64.rpm\n cfb0b798a98736cebe6d2854610e5c88  mbs1/x86_64/php-xml-5.5.24-1.mbs1.x86_64.rpm\n 2d05b6ecae1866827a732b19bdea2682  mbs1/x86_64/php-xmlreader-5.5.24-1.mbs1.x86_64.rpm\n bab20d281d211f8202d881723f0091f1  mbs1/x86_64/php-xmlrpc-5.5.24-1.mbs1.x86_64.rpm\n d213f4b86b0532049556a37958d12570  mbs1/x86_64/php-xmlwriter-5.5.24-1.mbs1.x86_64.rpm\n a43e88b8cb0cf9a46d63f318d63853c7  mbs1/x86_64/php-xsl-5.5.24-1.mbs1.x86_64.rpm\n 3150b97e91d4363c5b79b6e67cf4febe  mbs1/x86_64/php-zip-5.5.24-1.mbs1.x86_64.rpm\n 962d3621008091b8186481e521296d29  mbs1/x86_64/php-zlib-5.5.24-1.mbs1.x86_64.rpm \n 52139e1dbd986bf5b685ee0f92e67da2  mbs1/SRPMS/php-5.5.24-1.mbs1.src.rpm\n 854f5600d70006910d80643b638289d4  mbs1/SRPMS/php-apc-3.1.15-1.18.mbs1.src.rpm\n 77e0fad280231397615e51f099b33f1c  mbs1/SRPMS/php-timezonedb-2015.4-1.mbs1.src.rpm\n\n Mandriva Business Server 2/X86_64:\n 2a2dcd3f73583e81c1d4ca142814ed6a  mbs2/x86_64/apache-mod_php-5.5.24-1.mbs2.x86_64.rpm\n a7964f16c85b0772835366fa821f7dd1  mbs2/x86_64/lib64php5_common5-5.5.24-1.mbs2.x86_64.rpm\n 624d6512573e4ccc202f9ea08433727e  mbs2/x86_64/php-bcmath-5.5.24-1.mbs2.x86_64.rpm\n dd817015c54820a9fc967da7db4b1461  mbs2/x86_64/php-bz2-5.5.24-1.mbs2.x86_64.rpm\n 1c022b50d3f12d3e8e358fca3afe6f0f  mbs2/x86_64/php-calendar-5.5.24-1.mbs2.x86_64.rpm\n 52159b3e747e424b1fe40944f404b45d  mbs2/x86_64/php-cgi-5.5.24-1.mbs2.x86_64.rpm\n 5ac82cf4acc95e8d8a80537173a1dc98  mbs2/x86_64/php-cli-5.5.24-1.mbs2.x86_64.rpm\n e7271551aa14e6931b0ba22ee33d3712  mbs2/x86_64/php-ctype-5.5.24-1.mbs2.x86_64.rpm\n 7293fa4917183914c356cc2376a5e1ab  mbs2/x86_64/php-curl-5.5.24-1.mbs2.x86_64.rpm\n 258058f8e1cda5be8a9444964a553691  mbs2/x86_64/php-dba-5.5.24-1.mbs2.x86_64.rpm\n c0a6fa757e9ffda700f65a93442564d4  mbs2/x86_64/php-devel-5.5.24-1.mbs2.x86_64.rpm\n c06bc210915a004b2b9fcd084f853e20  mbs2/x86_64/php-doc-5.5.24-1.mbs2.noarch.rpm\n 049a5952ec9f5af423d4ecc78ff80f60  mbs2/x86_64/php-dom-5.5.24-1.mbs2.x86_64.rpm\n c09f88b638281bb87aea12ef38455f36  mbs2/x86_64/php-enchant-5.5.24-1.mbs2.x86_64.rpm\n 54d1dc9b189dfb87de442ba2c765deef  mbs2/x86_64/php-exif-5.5.24-1.mbs2.x86_64.rpm\n ee6d0aa018912da413a14365a41cc1a2  mbs2/x86_64/php-fileinfo-5.5.24-1.mbs2.x86_64.rpm\n 0f216dc10bb650bdf29c01d9905ca4f2  mbs2/x86_64/php-filter-5.5.24-1.mbs2.x86_64.rpm\n 4bf7b3c69724d769e10f8341c95d6004  mbs2/x86_64/php-fpm-5.5.24-1.mbs2.x86_64.rpm\n aeb60443860bbb7e88a0288fb3e2f6cd  mbs2/x86_64/php-ftp-5.5.24-1.mbs2.x86_64.rpm\n 226a551699749179b94570dfa3c50986  mbs2/x86_64/php-gd-5.5.24-1.mbs2.x86_64.rpm\n 5e29df38df1b862e4ba3b5486cdbcc47  mbs2/x86_64/php-gettext-5.5.24-1.mbs2.x86_64.rpm\n ead9effbca236c6c2902955935c28225  mbs2/x86_64/php-gmp-5.5.24-1.mbs2.x86_64.rpm\n c8f01d16bb8cbbd1d891c68c54d2dd16  mbs2/x86_64/php-hash-5.5.24-1.mbs2.x86_64.rpm\n c1c7332cf8dc2c0d21cb57bf4d7f81dd  mbs2/x86_64/php-iconv-5.5.24-1.mbs2.x86_64.rpm\n 7f86a963f8cf5e6351acd1fdf995b7a1  mbs2/x86_64/php-imap-5.5.24-1.mbs2.x86_64.rpm\n 215c060793b574a36c28131dca9bf9c7  mbs2/x86_64/php-ini-5.5.24-1.mbs2.x86_64.rpm\n 7f07f161b4e1885aa807d3753d948e10  mbs2/x86_64/php-interbase-5.5.24-1.mbs2.x86_64.rpm\n 8171c9830749db254898f80f8ecbdd04  mbs2/x86_64/php-intl-5.5.24-1.mbs2.x86_64.rpm\n 1fa26b49fa8e0b776d484b4fcc0d4bf3  mbs2/x86_64/php-json-5.5.24-1.mbs2.x86_64.rpm\n 29051ac44b6e2068a71c026e9d458536  mbs2/x86_64/php-ldap-5.5.24-1.mbs2.x86_64.rpm\n 3d97347fe4b9589ae80b7fd16c281dcd  mbs2/x86_64/php-mbstring-5.5.24-1.mbs2.x86_64.rpm\n 1a5a41400380b4bcde25d2b693e1dab0  mbs2/x86_64/php-mcrypt-5.5.24-1.mbs2.x86_64.rpm\n a79635ca99cd7ae80d1661373161da1f  mbs2/x86_64/php-mssql-5.5.24-1.mbs2.x86_64.rpm\n cdc3bde549c9ae73915db8a0e0919ce5  mbs2/x86_64/php-mysql-5.5.24-1.mbs2.x86_64.rpm\n 7a72c1ab11020a2c52aa3a74636d5342  mbs2/x86_64/php-mysqli-5.5.24-1.mbs2.x86_64.rpm\n 93fb357f9dbf32887a98a5409b3b8a16  mbs2/x86_64/php-mysqlnd-5.5.24-1.mbs2.x86_64.rpm\n caf79717e1ca56ec3e53fdaa25e734aa  mbs2/x86_64/php-odbc-5.5.24-1.mbs2.x86_64.rpm\n eb293f64d2bd635c70d36274275e60bb  mbs2/x86_64/php-opcache-5.5.24-1.mbs2.x86_64.rpm\n 91847d268cb8a62eb0e89fc95a9c51e6  mbs2/x86_64/php-openssl-5.5.24-1.mbs2.x86_64.rpm\n 35e065d8684684e3e304bafbb309c895  mbs2/x86_64/php-pcntl-5.5.24-1.mbs2.x86_64.rpm\n d65e05e7edf7480ed362783dc75609be  mbs2/x86_64/php-pdo-5.5.24-1.mbs2.x86_64.rpm\n 8657b2e1171497ff9ae5864ecccfeb23  mbs2/x86_64/php-pdo_dblib-5.5.24-1.mbs2.x86_64.rpm\n 19c9414ced1e0806b77347f9427d6653  mbs2/x86_64/php-pdo_firebird-5.5.24-1.mbs2.x86_64.rpm\n 28b09335667ac3993f1aca5da234df8a  mbs2/x86_64/php-pdo_mysql-5.5.24-1.mbs2.x86_64.rpm\n b928f58777cfbd848985606bd680bf8f  mbs2/x86_64/php-pdo_odbc-5.5.24-1.mbs2.x86_64.rpm\n ba6bf3afe9d497b9f1d99cb467b13ca5  mbs2/x86_64/php-pdo_pgsql-5.5.24-1.mbs2.x86_64.rpm\n 21823497094c28ce7bf74f052122fe99  mbs2/x86_64/php-pdo_sqlite-5.5.24-1.mbs2.x86_64.rpm\n 4a6a259c16ca5bad2b466f29acad4985  mbs2/x86_64/php-pgsql-5.5.24-1.mbs2.x86_64.rpm\n 7c9c9f9555a74f3257c6e8f16222d21f  mbs2/x86_64/php-phar-5.5.24-1.mbs2.x86_64.rpm\n db4254db501a4fca54fa367b20f068f4  mbs2/x86_64/php-posix-5.5.24-1.mbs2.x86_64.rpm\n 10fb26df5f5a5d3b1988c40678b56fb6  mbs2/x86_64/php-readline-5.5.24-1.mbs2.x86_64.rpm\n c20ddec24b84440146734feb639b0f00  mbs2/x86_64/php-recode-5.5.24-1.mbs2.x86_64.rpm\n 68a49598e99391f37342a3d23a1414e7  mbs2/x86_64/php-session-5.5.24-1.mbs2.x86_64.rpm\n a26563d738120cba5f81ddda143ca55f  mbs2/x86_64/php-shmop-5.5.24-1.mbs2.x86_64.rpm\n d69120a1ed4aeb3fe229cc83120d8c78  mbs2/x86_64/php-snmp-5.5.24-1.mbs2.x86_64.rpm\n 4596e3f325f70a29bf12d76793984b20  mbs2/x86_64/php-soap-5.5.24-1.mbs2.x86_64.rpm\n 7deda5cc9443b117fad82352943353ff  mbs2/x86_64/php-sockets-5.5.24-1.mbs2.x86_64.rpm\n bc3f0ad45bb5bf488c73a5933a70d2c0  mbs2/x86_64/php-sqlite3-5.5.24-1.mbs2.x86_64.rpm\n 295fa388d26e62dcb0faf23c6e690ffa  mbs2/x86_64/php-sybase_ct-5.5.24-1.mbs2.x86_64.rpm\n 88367608d60aac24ca0b0d0d92187b0e  mbs2/x86_64/php-sysvmsg-5.5.24-1.mbs2.x86_64.rpm\n 36eac7d0e9a1f148e8954912db56dc13  mbs2/x86_64/php-sysvsem-5.5.24-1.mbs2.x86_64.rpm\n 74e6909f0c7a516bd99625c649bed33c  mbs2/x86_64/php-sysvshm-5.5.24-1.mbs2.x86_64.rpm\n 9142ae8fb4665580503bc0520d3aaf89  mbs2/x86_64/php-tidy-5.5.24-1.mbs2.x86_64.rpm\n 4ee29061197f48af9c987d31abdec823  mbs2/x86_64/php-timezonedb-2015.4-1.mbs2.x86_64.rpm\n eafea4beda5144dd3adac0afce3f2258  mbs2/x86_64/php-tokenizer-5.5.24-1.mbs2.x86_64.rpm\n 505c78284f22f95d8a574c13ea043bc4  mbs2/x86_64/php-wddx-5.5.24-1.mbs2.x86_64.rpm\n e7e4fe996d11553ebd80ad4392caae2e  mbs2/x86_64/php-xml-5.5.24-1.mbs2.x86_64.rpm\n 7a1c383a450c6a80f95255434e5390fd  mbs2/x86_64/php-xmlreader-5.5.24-1.mbs2.x86_64.rpm\n 2af0b36e46ba236da59a98631c664bd9  mbs2/x86_64/php-xmlrpc-5.5.24-1.mbs2.x86_64.rpm\n a3f77553286094ecd60e174cfdb0e6dc  mbs2/x86_64/php-xmlwriter-5.5.24-1.mbs2.x86_64.rpm\n b3bb2d250c73f7c355394353b4c0599d  mbs2/x86_64/php-xsl-5.5.24-1.mbs2.x86_64.rpm\n a8f9476cba7a6aaab6eee8da66fd8fea  mbs2/x86_64/php-zip-5.5.24-1.mbs2.x86_64.rpm\n 43d4282dddd18c07b87774cf704ce5be  mbs2/x86_64/php-zlib-5.5.24-1.mbs2.x86_64.rpm \n 8cdfdd3582b44c38d735c58aea9e45f7  mbs2/SRPMS/php-5.5.24-1.mbs2.src.rpm\n 09afb4a05a8a1add563f2cb348fb2b0d  mbs2/SRPMS/php-timezonedb-2015.4-1.mbs2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\nCVE-2015-4024\n\n    Denial of service when processing multipart/form-data requests. \n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 5.4.41-0+deb7u1. \n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 5.6.9+dfsg-0+deb8u1. \n\nFor the testing distribution (stretch), these problems have been fixed\nin version 5.6.9+dfsg-1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 5.6.9+dfsg-1. \n\nWe recommend that you upgrade your php5 packages",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-3329"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-003046"
          },
          {
            "db": "BID",
            "id": "74240"
          },
          {
            "db": "VULHUB",
            "id": "VHN-81290"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3329"
          },
          {
            "db": "PACKETSTORM",
            "id": "131528"
          },
          {
            "db": "PACKETSTORM",
            "id": "132618"
          },
          {
            "db": "PACKETSTORM",
            "id": "132406"
          },
          {
            "db": "PACKETSTORM",
            "id": "137539"
          },
          {
            "db": "PACKETSTORM",
            "id": "131640"
          },
          {
            "db": "PACKETSTORM",
            "id": "132198"
          }
        ],
        "trust": 2.61
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2015-3329",
            "trust": 3.5
          },
          {
            "db": "BID",
            "id": "74240",
            "trust": 2.1
          },
          {
            "db": "SECTRACK",
            "id": "1032145",
            "trust": 1.8
          },
          {
            "db": "JVN",
            "id": "JVNVU97220341",
            "trust": 0.8
          },
          {
            "db": "JVN",
            "id": "JVNVU94440136",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-003046",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-041",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-81290",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3329",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "131528",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "132618",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "132406",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "137539",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "131640",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "132198",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-81290"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3329"
          },
          {
            "db": "BID",
            "id": "74240"
          },
          {
            "db": "PACKETSTORM",
            "id": "131528"
          },
          {
            "db": "PACKETSTORM",
            "id": "132618"
          },
          {
            "db": "PACKETSTORM",
            "id": "132406"
          },
          {
            "db": "PACKETSTORM",
            "id": "137539"
          },
          {
            "db": "PACKETSTORM",
            "id": "131640"
          },
          {
            "db": "PACKETSTORM",
            "id": "132198"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-041"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-003046"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3329"
          }
        ]
      },
      "id": "VAR-201506-0464",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-81290"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T22:57:54.364000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "APPLE-SA-2015-09-30-3 OS X El Capitan 10.11",
            "trust": 0.8,
            "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
          },
          {
            "title": "APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006",
            "trust": 0.8,
            "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
          },
          {
            "title": "HT205267",
            "trust": 0.8,
            "url": "https://support.apple.com/en-us/HT205267"
          },
          {
            "title": "HT205031",
            "trust": 0.8,
            "url": "https://support.apple.com/en-us/HT205031"
          },
          {
            "title": "HT205267",
            "trust": 0.8,
            "url": "http://support.apple.com/ja-jp/HT205267"
          },
          {
            "title": "HT205031",
            "trust": 0.8,
            "url": "https://support.apple.com/ja-jp/HT205031"
          },
          {
            "title": "Sec Bug #69441",
            "trust": 0.8,
            "url": "https://bugs.php.net/bug.php?id=69441"
          },
          {
            "title": "PHP 5 ChangeLog",
            "trust": 0.8,
            "url": "http://php.net/ChangeLog-5.php"
          },
          {
            "title": "Fix bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode)",
            "trust": 0.8,
            "url": "http://git.php.net/?p=php-src.git;a=commit;h=f59b67ae50064560d7bfcdb0d6a8ab284179053c"
          },
          {
            "title": "Red Hat: CVE-2015-3329",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2015-3329"
          },
          {
            "title": "Ubuntu Security Notice: php5 vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2572-1"
          },
          {
            "title": "Amazon Linux AMI: ALAS-2015-510",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-510"
          },
          {
            "title": "Amazon Linux AMI: ALAS-2015-511",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-511"
          },
          {
            "title": "Amazon Linux AMI: ALAS-2015-509",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2015-509"
          },
          {
            "title": "Debian Security Advisories: DSA-3280-1 php5 -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=46f85ac4e3abfa7a18e115fb47892db6"
          },
          {
            "title": "Apple: OS X El Capitan v10.11",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=e88bab658248444f5dffc23fd95859e7"
          },
          {
            "title": "Apple: OS X Yosemite v10.10.5 and Security Update 2015-006",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=9834d0d73bf28fb80d3390930bafd906"
          },
          {
            "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - January 2016",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=8ad80411af3e936eb2998df70506cc71"
          },
          {
            "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2015",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=8b701aba68029ec36b631a8e26157a22"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2015-3329"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-003046"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-81290"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-003046"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3329"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.4,
            "url": "http://www.securityfocus.com/bid/74240"
          },
          {
            "trust": 2.4,
            "url": "http://www.debian.org/security/2015/dsa-3280"
          },
          {
            "trust": 2.2,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-1135.html"
          },
          {
            "trust": 2.1,
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
          },
          {
            "trust": 1.9,
            "url": "https://security.gentoo.org/glsa/201606-10"
          },
          {
            "trust": 1.9,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-1218.html"
          },
          {
            "trust": 1.9,
            "url": "http://www.ubuntu.com/usn/usn-2572-1"
          },
          {
            "trust": 1.8,
            "url": "http://lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
          },
          {
            "trust": 1.8,
            "url": "http://lists.apple.com/archives/security-announce/2015/sep/msg00008.html"
          },
          {
            "trust": 1.8,
            "url": "http://php.net/changelog-5.php"
          },
          {
            "trust": 1.8,
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
          },
          {
            "trust": 1.8,
            "url": "https://bugs.php.net/bug.php?id=69441"
          },
          {
            "trust": 1.8,
            "url": "https://support.apple.com/ht205267"
          },
          {
            "trust": 1.8,
            "url": "https://support.apple.com/kb/ht205031"
          },
          {
            "trust": 1.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-1066.html"
          },
          {
            "trust": 1.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-1186.html"
          },
          {
            "trust": 1.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-1187.html"
          },
          {
            "trust": 1.8,
            "url": "http://www.securitytracker.com/id/1032145"
          },
          {
            "trust": 1.8,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html"
          },
          {
            "trust": 1.8,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html"
          },
          {
            "trust": 1.0,
            "url": "http://git.php.net/?p=php-src.git%3ba=commit%3bh=f59b67ae50064560d7bfcdb0d6a8ab284179053c"
          },
          {
            "trust": 0.9,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3329"
          },
          {
            "trust": 0.8,
            "url": "http://git.php.net/?p=php-src.git;a=commit;h=f59b67ae50064560d7bfcdb0d6a8ab284179053c"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu94440136/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu97220341/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3329"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3329"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-2783"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3330"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-2787"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-4021"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-4026"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-4022"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2015-3329"
          },
          {
            "trust": 0.3,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213449"
          },
          {
            "trust": 0.3,
            "url": "http://www.php.net/"
          },
          {
            "trust": 0.3,
            "url": "http://prod.lists.apple.com/archives/security-announce/2015/aug/msg00001.html"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-2348"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-4148"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-4147"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9705"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-2301"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-4024"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9709"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0273"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-4025"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-4601"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3411"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-4600"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2015-4603"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2015-4024"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2015-4021"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2015-4600"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2015-4147"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2015-3307"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2015-3411"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2015-4022"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2015-2783"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3412"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2015-4602"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3307"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2015-4148"
          },
          {
            "trust": 0.2,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-4599"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0232"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2015-4026"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2015-0232"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2015-0273"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2014-9705"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2015-3412"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-4598"
          },
          {
            "trust": 0.2,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-4602"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2015-4599"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2015-2787"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2015-4598"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2015-4601"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2015-2301"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.2,
            "url": "https://access.redhat.com/security/cve/cve-2014-9709"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0231"
          },
          {
            "trust": 0.2,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/119.html"
          },
          {
            "trust": 0.1,
            "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=39487"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/2572-1/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-2305"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/php5/5.5.12+dfsg-2ubuntu4.4"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/php5/5.3.2-1ubuntu4.30"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/php5/5.5.9+dfsg-1ubuntu4.9"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/php5/5.3.10-1ubuntu3.18"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-9425"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#moderate"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9425"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-4603"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-8142"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-4604"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-3330"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#important"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-4605"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-4025"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-2348"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-8142"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9652"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2014-9652"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2015-0231"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2301"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1352"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2348"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4022"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-6836"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-9709"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4026"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6836"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-6831"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0273"
          },
          {
            "trust": 0.1,
            "url": "https://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4021"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7804"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4643"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-6501"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-6834"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-4644"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6835"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-4642"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1351"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1352"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-6832"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6832"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6831"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-6835"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3330"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-4643"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6838"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4642"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2787"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4148"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-6501"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4147"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2783"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3329"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7803"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6837"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1351"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6833"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4025"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4644"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-9705"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-6834"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0231"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-6833"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3330"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/en/support/security/"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/en/support/security/advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://advisories.mageia.org/mgasa-2015-0169.html"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2783"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/faq"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-81290"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3329"
          },
          {
            "db": "BID",
            "id": "74240"
          },
          {
            "db": "PACKETSTORM",
            "id": "131528"
          },
          {
            "db": "PACKETSTORM",
            "id": "132618"
          },
          {
            "db": "PACKETSTORM",
            "id": "132406"
          },
          {
            "db": "PACKETSTORM",
            "id": "137539"
          },
          {
            "db": "PACKETSTORM",
            "id": "131640"
          },
          {
            "db": "PACKETSTORM",
            "id": "132198"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-041"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-003046"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3329"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-81290",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3329",
            "ident": null
          },
          {
            "db": "BID",
            "id": "74240",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "131528",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "132618",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "132406",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "137539",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "131640",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "132198",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-041",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-003046",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3329",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2015-06-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-81290",
            "ident": null
          },
          {
            "date": "2015-06-09T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-3329",
            "ident": null
          },
          {
            "date": "2015-04-20T00:00:00",
            "db": "BID",
            "id": "74240",
            "ident": null
          },
          {
            "date": "2015-04-20T19:22:00",
            "db": "PACKETSTORM",
            "id": "131528",
            "ident": null
          },
          {
            "date": "2015-07-09T23:16:17",
            "db": "PACKETSTORM",
            "id": "132618",
            "ident": null
          },
          {
            "date": "2015-06-23T14:07:16",
            "db": "PACKETSTORM",
            "id": "132406",
            "ident": null
          },
          {
            "date": "2016-06-19T15:55:00",
            "db": "PACKETSTORM",
            "id": "137539",
            "ident": null
          },
          {
            "date": "2015-04-27T16:21:20",
            "db": "PACKETSTORM",
            "id": "131640",
            "ident": null
          },
          {
            "date": "2015-06-10T01:21:58",
            "db": "PACKETSTORM",
            "id": "132198",
            "ident": null
          },
          {
            "date": "2015-04-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201505-041",
            "ident": null
          },
          {
            "date": "2015-06-12T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-003046",
            "ident": null
          },
          {
            "date": "2015-06-09T18:59:02.537000",
            "db": "NVD",
            "id": "CVE-2015-3329",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2019-12-27T00:00:00",
            "db": "VULHUB",
            "id": "VHN-81290",
            "ident": null
          },
          {
            "date": "2019-12-27T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-3329",
            "ident": null
          },
          {
            "date": "2016-07-05T21:28:00",
            "db": "BID",
            "id": "74240",
            "ident": null
          },
          {
            "date": "2019-12-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201505-041",
            "ident": null
          },
          {
            "date": "2015-10-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-003046",
            "ident": null
          },
          {
            "date": "2025-04-12T10:46:40.837000",
            "db": "NVD",
            "id": "CVE-2015-3329",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "131528"
          },
          {
            "db": "PACKETSTORM",
            "id": "132406"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-041"
          }
        ],
        "trust": 0.8
      },
      "title": {
        "_id": null,
        "data": "PHP of  phar_internal.h of  phar_set_inode Stack-based buffer overflow vulnerability in functions",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-003046"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-041"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201211-0369

    Vulnerability from variot - Updated: 2026-04-10 22:53

    Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Adobe Flash Player and AIR are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of the user running the affected application. Failed attempts will likely cause a denial-of-service condition. NOTE: This issue was previously covered in BID 56412 (Adobe Flash Player and AIR APSB12-24 Multiple Security Vulnerabilities) but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. ----------------------------------------------------------------------

    The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/


    TITLE: Google Chrome Multiple Vulnerabilities

    SECUNIA ADVISORY ID: SA51210

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51210/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51210

    RELEASE DATE: 2012-11-07

    DISCUSS ADVISORY: http://secunia.com/advisories/51210/#comments

    AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

    http://secunia.com/advisories/51210/

    ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

    https://ca.secunia.com/?page=viewadvisory&vuln_id=51210

    ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

    http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

    DESCRIPTION: Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

    For more information: SA51213

    2) An integer overflow error exists in WebP handling.

    3) An error in v8 can be exploited to cause an out-of-bounds array access.

    4) A use-after-free error exists in SVG filter handling.

    5) An error exists related to integer boundary checks within GPU command buffers.

    6) A use-after-free error exists in video layout handling.

    7) An error exists related to inappropriate loading of SVG subresource in "img" context.

    8) A race condition error exists in Pepper buffer handling.

    9) A type casting error exists in certain input handling.

    10) An error in Skia can be exploited to cause an out-of-bounds read.

    11) An error in texture handling can be exploited to corrupt memory.

    12) A use-after-free error exists in extension tab handling.

    13) A use-after-free error exists in plug-in placeholder handling.

    14) An error in v8 can be exploited to corrupt memory.

    SOLUTION: Upgrade to version 23.0.1271.64.

    PROVIDED AND/OR DISCOVERED BY: The vendor credits: 2) Phil Turnbull 3, 6) Atte Kettunen, OUSPG. 4, 5) miaubiz 7) Felix Gr\xf6bert, Google Security Team 8) Fermin Serna, Google Security Team 9, 10, 13) Inferno, Google Chrome Security Team 11) Al Patrick, Chromium development community 12) Alexander Potapenko, Chromium development community 14) Cris Neckar, Google Chrome Security Team

    ORIGINAL ADVISORY: Google: http://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html

    OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


    About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2012:1431-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1431.html Issue date: 2012-11-07 CVE Names: CVE-2012-5274 CVE-2012-5275 CVE-2012-5276 CVE-2012-5277 CVE-2012-5278 CVE-2012-5279 CVE-2012-5280 =====================================================================

    1. Summary:

    An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.

    The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

    1. Description:

    The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB12-24, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content.

    1. Solution:

    Before applying this update, make sure all previously-released errata relevant to your system have been applied.

    This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258

    1. Bugs fixed (http://bugzilla.redhat.com/):

    873818 - flash-plugin: multiple code-execution flaws (APSB12-24)

    1. Package List:

    Red Hat Enterprise Linux Desktop Supplementary (v. 5):

    i386: flash-plugin-11.2.202.251-1.el5.i386.rpm

    x86_64: flash-plugin-11.2.202.251-1.el5.i386.rpm

    Red Hat Enterprise Linux Server Supplementary (v. 5):

    i386: flash-plugin-11.2.202.251-1.el5.i386.rpm

    x86_64: flash-plugin-11.2.202.251-1.el5.i386.rpm

    Red Hat Enterprise Linux Desktop Supplementary (v. 6):

    i386: flash-plugin-11.2.202.251-1.el6.i686.rpm

    x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm

    Red Hat Enterprise Linux Server Supplementary (v. 6):

    i386: flash-plugin-11.2.202.251-1.el6.i686.rpm

    x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm

    Red Hat Enterprise Linux Workstation Supplementary (v. 6):

    i386: flash-plugin-11.2.202.251-1.el6.i686.rpm

    x86_64: flash-plugin-11.2.202.251-1.el6.i686.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

    1. References:

    https://www.redhat.com/security/data/cve/CVE-2012-5274.html https://www.redhat.com/security/data/cve/CVE-2012-5275.html https://www.redhat.com/security/data/cve/CVE-2012-5276.html https://www.redhat.com/security/data/cve/CVE-2012-5277.html https://www.redhat.com/security/data/cve/CVE-2012-5278.html https://www.redhat.com/security/data/cve/CVE-2012-5279.html https://www.redhat.com/security/data/cve/CVE-2012-5280.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb12-24.html

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)

    iD8DBQFQmiFjXlSAg2UNWIIRAi97AKClBeUc3AMPcWNkYfME6ndKJqg18ACdGuPH wmLm/s5nqgvfyTp8wUW9wVE= =fVdJ -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .

    Background

    The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.

    Impact

    A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Adobe Flash Player users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"

    References

    [ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201309-06.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5 .

    Successful exploitation of the vulnerabilities may allow execution of arbitrary code. 7) Eduardo Vela Nava, Google Security Team

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.2.202.251"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.4"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.1.115.27"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.5.502.110"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.1.111.24"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.3.183.43"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "3.5.0.600"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "3.5.0.600"
          },
          {
            "_id": null,
            "model": "windows",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "android)"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "macintosh"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(android 2.x    3.x)"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(android 4.x)"
          },
          {
            "_id": null,
            "model": "internet explorer",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "10 (adobe flash player 11.3.376.12"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.x (linux)"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(windows"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(windows"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "3.5.0.600"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.1.115.27"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "macintosh"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.2.202.251"
          },
          {
            "_id": null,
            "model": "internet explorer",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(air for ios include )"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "3.5.0.600"
          },
          {
            "_id": null,
            "model": "windows 8",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "for 32-bit systems (adobe flash player 11.3.376.12"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.5.502.110"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "google",
            "version": "23.0.1271.64"
          },
          {
            "_id": null,
            "model": "windows server",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.x (windows    macintosh)"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "linux)"
          },
          {
            "_id": null,
            "model": "windows 8",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "10.3.183.43"
          },
          {
            "_id": null,
            "model": "windows server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "2012 (adobe flash player 11.3.376.12"
          },
          {
            "_id": null,
            "model": "windows",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "rt (adobe flash player 11.3.376.12"
          },
          {
            "_id": null,
            "model": "windows 8",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "for 64-bit systems (adobe flash player 11.3.376.12"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.1.111.24"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "3.4.0.2540"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "1.5.3.9120"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "1.0.4990"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "1.5.1"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "3.4.0.2540"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "1.0.1"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "1.5.2"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "1.5.3"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "1.5.0.7220"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "12.1"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11.4"
          },
          {
            "_id": null,
            "model": "hat enterprise linux workstation supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux supplementary server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop supplementary client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opensuse",
            "version": "12.2"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "56554"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201211-136"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005275"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-5279"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:google:chrome",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:adobe_air",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:adobe_air_sdk",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:flash_player",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:microsoft:internet_explorer",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_8",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_server",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005275"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Secunia",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "118097"
          },
          {
            "db": "PACKETSTORM",
            "id": "117944"
          },
          {
            "db": "PACKETSTORM",
            "id": "117963"
          },
          {
            "db": "PACKETSTORM",
            "id": "117960"
          },
          {
            "db": "PACKETSTORM",
            "id": "117961"
          }
        ],
        "trust": 0.5
      },
      "cve": "CVE-2012-5279",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2012-5279",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-58560",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2012-5279",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2012-5279",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201211-136",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-58560",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-58560"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201211-136"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005275"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-5279"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Adobe Flash Player and AIR are prone to a remote memory-corruption vulnerability. \nAttackers can exploit this issue to execute arbitrary code within the context of the user running the affected application. Failed attempts will likely cause a denial-of-service condition. \nNOTE: This issue was previously covered in BID 56412 (Adobe Flash Player and AIR APSB12-24 Multiple Security Vulnerabilities) but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nGoogle Chrome Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA51210\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/51210/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51210\n\nRELEASE DATE:\n2012-11-07\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/51210/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/51210/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51210\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Google Chrome, which\ncan be exploited by malicious people to bypass certain security\nrestrictions and compromise a user\u0027s system. \n\nFor more information:\nSA51213\n\n2) An integer overflow error exists in WebP handling. \n\n3) An error in v8 can be exploited to cause an out-of-bounds array\naccess. \n\n4) A use-after-free error exists in SVG filter handling. \n\n5) An error exists related to integer boundary checks within GPU\ncommand buffers. \n\n6) A use-after-free error exists in video layout handling. \n\n7) An error exists related to inappropriate loading of SVG\nsubresource in \"img\" context. \n\n8) A race condition error exists in Pepper buffer handling. \n\n9) A type casting error exists in certain input handling. \n\n10) An error in Skia can be exploited to cause an out-of-bounds\nread. \n\n11) An error in texture handling can be exploited to corrupt memory. \n\n12) A use-after-free error exists in extension tab handling. \n\n13) A use-after-free error exists in plug-in placeholder handling. \n\n14) An error in v8 can be exploited to corrupt memory. \n\nSOLUTION:\nUpgrade to version 23.0.1271.64. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n2) Phil Turnbull\n3, 6) Atte Kettunen, OUSPG. \n4, 5) miaubiz\n7) Felix Gr\\xf6bert, Google Security Team\n8) Fermin Serna, Google Security Team\n9, 10, 13) Inferno, Google Chrome Security Team\n11) Al Patrick, Chromium development community\n12) Alexander Potapenko, Chromium development community\n14) Cris Neckar, Google Chrome Security Team\n\nORIGINAL ADVISORY:\nGoogle:\nhttp://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Critical: flash-plugin security update\nAdvisory ID:       RHSA-2012:1431-01\nProduct:           Red Hat Enterprise Linux Extras\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2012-1431.html\nIssue date:        2012-11-07\nCVE Names:         CVE-2012-5274 CVE-2012-5275 CVE-2012-5276 \n                   CVE-2012-5277 CVE-2012-5278 CVE-2012-5279 \n                   CVE-2012-5280 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB12-24,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n873818 - flash-plugin: multiple code-execution flaws (APSB12-24)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.251-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2012-5274.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5275.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5276.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5277.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5278.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5279.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-5280.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb12-24.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e.  More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2012 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFQmiFjXlSAg2UNWIIRAi97AKClBeUc3AMPcWNkYfME6ndKJqg18ACdGuPH\nwmLm/s5nqgvfyTp8wUW9wVE=\n=fVdJ\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[   1 ] CVE-2012-5248\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[   2 ] CVE-2012-5248\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[   3 ] CVE-2012-5249\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[   4 ] CVE-2012-5249\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[   5 ] CVE-2012-5250\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[   6 ] CVE-2012-5250\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[   7 ] CVE-2012-5251\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[   8 ] CVE-2012-5251\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[   9 ] CVE-2012-5252\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[  10 ] CVE-2012-5252\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[  11 ] CVE-2012-5253\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[  12 ] CVE-2012-5253\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[  13 ] CVE-2012-5254\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[  14 ] CVE-2012-5254\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[  15 ] CVE-2012-5255\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[  16 ] CVE-2012-5255\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[  17 ] CVE-2012-5256\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[  18 ] CVE-2012-5256\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[  19 ] CVE-2012-5257\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[  20 ] CVE-2012-5257\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[  21 ] CVE-2012-5258\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[  22 ] CVE-2012-5258\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[  23 ] CVE-2012-5259\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[  24 ] CVE-2012-5259\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[  25 ] CVE-2012-5260\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[  26 ] CVE-2012-5260\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[  27 ] CVE-2012-5261\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[  28 ] CVE-2012-5261\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[  29 ] CVE-2012-5262\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[  30 ] CVE-2012-5262\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[  31 ] CVE-2012-5263\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[  32 ] CVE-2012-5263\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[  33 ] CVE-2012-5264\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[  34 ] CVE-2012-5264\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[  35 ] CVE-2012-5265\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[  36 ] CVE-2012-5265\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[  37 ] CVE-2012-5266\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[  38 ] CVE-2012-5266\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[  39 ] CVE-2012-5267\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[  40 ] CVE-2012-5267\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[  41 ] CVE-2012-5268\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[  42 ] CVE-2012-5268\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[  43 ] CVE-2012-5269\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[  44 ] CVE-2012-5269\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[  45 ] CVE-2012-5270\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[  46 ] CVE-2012-5270\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[  47 ] CVE-2012-5271\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[  48 ] CVE-2012-5271\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[  49 ] CVE-2012-5272\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[  50 ] CVE-2012-5272\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[  51 ] CVE-2012-5274\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[  52 ] CVE-2012-5275\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[  53 ] CVE-2012-5276\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[  54 ] CVE-2012-5277\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[  55 ] CVE-2012-5278\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[  56 ] CVE-2012-5279\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[  57 ] CVE-2012-5280\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[  58 ] CVE-2012-5676\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[  59 ] CVE-2012-5677\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[  60 ] CVE-2012-5678\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[  61 ] CVE-2013-0504\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[  62 ] CVE-2013-0630\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[  63 ] CVE-2013-0633\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[  64 ] CVE-2013-0634\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[  65 ] CVE-2013-0637\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[  66 ] CVE-2013-0638\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[  67 ] CVE-2013-0639\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[  68 ] CVE-2013-0642\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[  69 ] CVE-2013-0643\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[  70 ] CVE-2013-0644\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[  71 ] CVE-2013-0645\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[  72 ] CVE-2013-0646\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[  73 ] CVE-2013-0647\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[  74 ] CVE-2013-0648\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[  75 ] CVE-2013-0649\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[  76 ] CVE-2013-0650\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[  77 ] CVE-2013-1365\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[  78 ] CVE-2013-1366\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[  79 ] CVE-2013-1367\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[  80 ] CVE-2013-1368\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[  81 ] CVE-2013-1369\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[  82 ] CVE-2013-1370\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[  83 ] CVE-2013-1371\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[  84 ] CVE-2013-1372\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[  85 ] CVE-2013-1373\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[  86 ] CVE-2013-1374\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[  87 ] CVE-2013-1375\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[  88 ] CVE-2013-1378\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[  89 ] CVE-2013-1379\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[  90 ] CVE-2013-1380\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[  91 ] CVE-2013-2555\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[  92 ] CVE-2013-2728\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[  93 ] CVE-2013-3343\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[  94 ] CVE-2013-3344\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[  95 ] CVE-2013-3345\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[  96 ] CVE-2013-3347\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[  97 ] CVE-2013-3361\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[  98 ] CVE-2013-3362\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[  99 ] CVE-2013-3363\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n7) Eduardo Vela Nava, Google Security Team",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-5279"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005275"
          },
          {
            "db": "BID",
            "id": "56554"
          },
          {
            "db": "VULHUB",
            "id": "VHN-58560"
          },
          {
            "db": "PACKETSTORM",
            "id": "118097"
          },
          {
            "db": "PACKETSTORM",
            "id": "117944"
          },
          {
            "db": "PACKETSTORM",
            "id": "117963"
          },
          {
            "db": "PACKETSTORM",
            "id": "117960"
          },
          {
            "db": "PACKETSTORM",
            "id": "117947"
          },
          {
            "db": "PACKETSTORM",
            "id": "123225"
          },
          {
            "db": "PACKETSTORM",
            "id": "117961"
          }
        ],
        "trust": 2.61
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2012-5279",
            "trust": 3.0
          },
          {
            "db": "SECUNIA",
            "id": "51207",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "51186",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "51213",
            "trust": 1.8
          },
          {
            "db": "BID",
            "id": "56554",
            "trust": 1.4
          },
          {
            "db": "SECUNIA",
            "id": "51245",
            "trust": 1.2
          },
          {
            "db": "SECTRACK",
            "id": "1027730",
            "trust": 1.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005275",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201211-136",
            "trust": 0.7
          },
          {
            "db": "SECUNIA",
            "id": "51210",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-58560",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "118097",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "117944",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "117963",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "117960",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "117947",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "123225",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "117961",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-58560"
          },
          {
            "db": "BID",
            "id": "56554"
          },
          {
            "db": "PACKETSTORM",
            "id": "118097"
          },
          {
            "db": "PACKETSTORM",
            "id": "117944"
          },
          {
            "db": "PACKETSTORM",
            "id": "117963"
          },
          {
            "db": "PACKETSTORM",
            "id": "117960"
          },
          {
            "db": "PACKETSTORM",
            "id": "117947"
          },
          {
            "db": "PACKETSTORM",
            "id": "123225"
          },
          {
            "db": "PACKETSTORM",
            "id": "117961"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201211-136"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005275"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-5279"
          }
        ]
      },
      "id": "VAR-201211-0369",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-58560"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T22:53:58.529000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "APSB12-24",
            "trust": 0.8,
            "url": "http://www.adobe.com/support/security/bulletins/apsb12-24.html"
          },
          {
            "title": "APSB12-24 (cq11061810)",
            "trust": 0.8,
            "url": "http://helpx.adobe.com/jp/flash-player/kb/cq11061810.html"
          },
          {
            "title": "APSB12-24",
            "trust": 0.8,
            "url": "http://www.adobe.com/jp/support/security/bulletins/apsb12-24.html"
          },
          {
            "title": "Google Chrome",
            "trust": 0.8,
            "url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
          },
          {
            "title": "Stable Channel Release and Beta Channel Update",
            "trust": 0.8,
            "url": "http://googlechromereleases.blogspot.jp/2012/11/stable-channel-release-and-beta-channel.html"
          },
          {
            "title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
            "trust": 0.8,
            "url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
          },
          {
            "title": "openSUSE-SU-2012:1480",
            "trust": 0.8,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00005.html"
          },
          {
            "title": "SUSE-SU-2012:1485",
            "trust": 0.8,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00007.html"
          },
          {
            "title": "RHSA-2012:1431",
            "trust": 0.8,
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1431.html"
          },
          {
            "title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
            "trust": 0.8,
            "url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
          },
          {
            "title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
            "trust": 0.8,
            "url": "http://www.fmworld.net/biz/common/adobe/20121113f.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005275"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-58560"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005275"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-5279"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 1.9,
            "url": "http://www.adobe.com/support/security/bulletins/apsb12-24.html"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/51186"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/51207"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/51213"
          },
          {
            "trust": 1.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2012-1431.html"
          },
          {
            "trust": 1.2,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00005.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/bid/56554"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1027730"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/51245"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00007.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00012.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00030.html"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79850"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5279"
          },
          {
            "trust": 0.8,
            "url": "http://www.ipa.go.jp/security/ciadr/vul/20121107-adobeflashplayer.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.jpcert.or.jp/at/2012/at120034.txt"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5279"
          },
          {
            "trust": 0.8,
            "url": "http://www.npa.go.jp/cyberpolice/#topics"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/51210"
          },
          {
            "trust": 0.5,
            "url": "http://secunia.com/vulnerability_intelligence/"
          },
          {
            "trust": 0.5,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.5,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.5,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.5,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.5,
            "url": "http://secunia.com/blog/325/"
          },
          {
            "trust": 0.5,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          },
          {
            "trust": 0.3,
            "url": "http://www.adobe.com/products/flash/"
          },
          {
            "trust": 0.3,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/51245/"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51245"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/51245/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/51207/"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51207"
          },
          {
            "trust": 0.1,
            "url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/51207/#comments"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51186"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/51186/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/51186/"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51210"
          },
          {
            "trust": 0.1,
            "url": "http://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/51210/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/51210/"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5278.html"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#critical"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5277.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5275.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5280"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5274"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5279.html"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5275"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5278"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5280.html"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/knowledge/articles/11258"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5276.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5279"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/key/#package"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2012-5274.html"
          },
          {
            "trust": 0.1,
            "url": "http://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5276"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5277"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/51213/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/51213/#comments"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51213"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-58560"
          },
          {
            "db": "BID",
            "id": "56554"
          },
          {
            "db": "PACKETSTORM",
            "id": "118097"
          },
          {
            "db": "PACKETSTORM",
            "id": "117944"
          },
          {
            "db": "PACKETSTORM",
            "id": "117963"
          },
          {
            "db": "PACKETSTORM",
            "id": "117960"
          },
          {
            "db": "PACKETSTORM",
            "id": "117947"
          },
          {
            "db": "PACKETSTORM",
            "id": "123225"
          },
          {
            "db": "PACKETSTORM",
            "id": "117961"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201211-136"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005275"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-5279"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-58560",
            "ident": null
          },
          {
            "db": "BID",
            "id": "56554",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "118097",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "117944",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "117963",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "117960",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "117947",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "123225",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "117961",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201211-136",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005275",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2012-5279",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2012-11-07T00:00:00",
            "db": "VULHUB",
            "id": "VHN-58560",
            "ident": null
          },
          {
            "date": "2012-11-06T00:00:00",
            "db": "BID",
            "id": "56554",
            "ident": null
          },
          {
            "date": "2012-11-14T06:05:43",
            "db": "PACKETSTORM",
            "id": "118097",
            "ident": null
          },
          {
            "date": "2012-11-07T04:12:41",
            "db": "PACKETSTORM",
            "id": "117944",
            "ident": null
          },
          {
            "date": "2012-11-08T11:19:24",
            "db": "PACKETSTORM",
            "id": "117963",
            "ident": null
          },
          {
            "date": "2012-11-08T11:19:15",
            "db": "PACKETSTORM",
            "id": "117960",
            "ident": null
          },
          {
            "date": "2012-11-08T00:12:49",
            "db": "PACKETSTORM",
            "id": "117947",
            "ident": null
          },
          {
            "date": "2013-09-14T15:19:13",
            "db": "PACKETSTORM",
            "id": "123225",
            "ident": null
          },
          {
            "date": "2012-11-08T11:19:18",
            "db": "PACKETSTORM",
            "id": "117961",
            "ident": null
          },
          {
            "date": "2012-11-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201211-136",
            "ident": null
          },
          {
            "date": "2012-11-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-005275",
            "ident": null
          },
          {
            "date": "2012-11-07T05:41:22.270000",
            "db": "NVD",
            "id": "CVE-2012-5279",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2018-12-04T00:00:00",
            "db": "VULHUB",
            "id": "VHN-58560",
            "ident": null
          },
          {
            "date": "2013-09-17T00:13:00",
            "db": "BID",
            "id": "56554",
            "ident": null
          },
          {
            "date": "2012-11-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201211-136",
            "ident": null
          },
          {
            "date": "2012-12-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-005275",
            "ident": null
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2012-5279",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201211-136"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Adobe Flash Player Vulnerable to arbitrary code execution",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-005275"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201211-136"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200802-0651

    Vulnerability from variot - Updated: 2026-04-10 22:52

    modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 does not properly perform certain calculations related to the mColors table, which allows remote attackers to read portions of memory uninitialized via a crafted 8-bit bitmap (BMP) file that triggers an out-of-bounds read within the heap, as demonstrated using a CANVAS element; or cause a denial of service (application crash) via a crafted 8-bit bitmap file that triggers an out-of-bounds read. NOTE: the initial public reports stated that this affected Firefox in Ubuntu 6.06 through 7.10. Firefox and Opera browsers are prone to a vulnerability that can result in information disclosure or a denial of service. An attacker can exploit this issue to harvest sensitive information that may be used to launch further attacks or to crash the affected application, denying service to legitimate users. Mozilla Firefox 2.0.0.11 and Opera 9.50 Beta are affected. This vulnerability is related to CVE-2008-0420. The upstream fixes were incomplete, and after performing certain actions Thunderbird would crash due to memory errors. This update fixes the problem.

    We apologize for the inconvenience.

    Original advisory details:

    It was discovered that Thunderbird did not properly set the size of a buffer when parsing an external-body MIME-type. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200805-18


                                            http://security.gentoo.org/
    

    Severity: Normal Title: Mozilla products: Multiple vulnerabilities Date: May 20, 2008 Bugs: #208128, #214816, #218065 ID: 200805-18


    Synopsis

    Multiple vulnerabilities have been reported in Mozilla Firefox, Thunderbird, SeaMonkey and XULRunner, some of which may allow user-assisted execution of arbitrary code.

    Background

    Mozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the 'Mozilla Application Suite'. XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM applications like Firefox and Thunderbird.

    Affected packages

    -------------------------------------------------------------------
     Package                  /  Vulnerable  /              Unaffected
    -------------------------------------------------------------------
    

    1 mozilla-firefox < 2.0.0.14 >= 2.0.0.14 2 mozilla-firefox-bin < 2.0.0.14 >= 2.0.0.14 3 mozilla-thunderbird < 2.0.0.14 >= 2.0.0.14 4 mozilla-thunderbird-bin < 2.0.0.14 >= 2.0.0.14 5 seamonkey < 1.1.9-r1 >= 1.1.9-r1 6 seamonkey-bin < 1.1.9 >= 1.1.9 7 xulrunner < 1.8.1.14 >= 1.8.1.14 ------------------------------------------------------------------- 7 affected packages on all of their supported architectures. -------------------------------------------------------------------

    Description

    The following vulnerabilities were reported in all mentioned Mozilla products:

    • Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren, and Paul Nickerson reported browser crashes related to JavaScript methods, possibly triggering memory corruption (CVE-2008-0412).

    • Carsten Book, Wesley Garland, Igor Bukanov, moz_bug_r_a4, shutdown, Philip Taylor, and tgirmann reported crashes in the JavaScript engine, possibly triggering memory corruption (CVE-2008-0413).

    • David Bloom discovered a vulnerability in the way images are treated by the browser when a user leaves a page, possibly triggering memory corruption (CVE-2008-0419).

    • moz_bug_r_a4, Boris Zbarsky, and Johnny Stenback reported a series of privilege escalation vulnerabilities related to JavaScript (CVE-2008-1233, CVE-2008-1234, CVE-2008-1235).

    • Mozilla developers identified browser crashes caused by the layout and JavaScript engines, possibly triggering memory corruption (CVE-2008-1236, CVE-2008-1237).

    • moz_bug_r_a4 and Boris Zbarsky discovered that pages could escape from its sandboxed context and run with chrome privileges, and inject script content into another site, violating the browser's same origin policy (CVE-2008-0415).

    • Gerry Eisenhaur discovered a directory traversal vulnerability when using "flat" addons (CVE-2008-0418).

    • Alexey Proskuryakov, Yosuke Hasegawa and Simon Montagu reported multiple character handling flaws related to the backspace character, the "0x80" character, involving zero-length non-ASCII sequences in multiple character sets, that could facilitate Cross-Site Scripting attacks (CVE-2008-0416).

    The following vulnerability was reported in Thunderbird and SeaMonkey:

    • regenrecht (via iDefense) reported a heap-based buffer overflow when rendering an email message with an external MIME body (CVE-2008-0304).

    The following vulnerabilities were reported in Firefox, SeaMonkey and XULRunner:

    • The fix for CVE-2008-1237 in Firefox 2.0.0.13 and SeaMonkey 1.1.9 introduced a new crash vulnerability (CVE-2008-1380).

    • hong and Gregory Fleischer each reported a variant on earlier reported bugs regarding focus shifting in file input controls (CVE-2008-0414).

    • Gynvael Coldwind (Vexillium) discovered that BMP images could be used to reveal uninitialized memory, and that this data could be extracted using a "canvas" feature (CVE-2008-0420).

    • Chris Thomas reported that background tabs could create a borderless XUL pop-up in front of pages in other tabs (CVE-2008-1241).

    • oo.rio.oo discovered that a plain text file with a "Content-Disposition: attachment" prevents Firefox from rendering future plain text files within the browser (CVE-2008-0592).

    • Martin Straka reported that the ".href" property of stylesheet DOM nodes is modified to the final URI of a 302 redirect, bypassing the same origin policy (CVE-2008-0593).

    • Gregory Fleischer discovered that under certain circumstances, leading characters from the hostname part of the "Referer:" HTTP header are removed (CVE-2008-1238).

    • Peter Brodersen and Alexander Klink reported that the browser automatically selected and sent a client certificate when SSL Client Authentication is requested by a server (CVE-2007-4879).

    • Gregory Fleischer reported that web content fetched via the "jar:" protocol was not subject to network access restrictions (CVE-2008-1240).

    The following vulnerabilities were reported in Firefox:

    • Justin Dolske discovered a CRLF injection vulnerability when storing passwords (CVE-2008-0417).

    • Michal Zalewski discovered that Firefox does not properly manage a delay timer used in confirmation dialogs (CVE-2008-0591).

    • Emil Ljungdahl and Lars-Olof Moilanen discovered that a web forgery warning dialog is not displayed if the entire contents of a web page are in a DIV tag that uses absolute positioning (CVE-2008-0594).

    Impact

    A remote attacker could entice a user to view a specially crafted web page or email that will trigger one of the vulnerabilities, possibly leading to the execution of arbitrary code or a Denial of Service. It is also possible for an attacker to trick a user to upload arbitrary files when submitting a form, to corrupt saved passwords for other sites, to steal login credentials, or to conduct Cross-Site Scripting and Cross-Site Request Forgery attacks.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Mozilla Firefox users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask -1 -v ">=www-client/mozilla-firefox-2.0.0.14"
    

    All Mozilla Firefox binary users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask -1 -v ">=www-client/mozilla-firefox-bin-2.0.0.14"
    

    All Mozilla Thunderbird users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask -1 -v ">=mail-client/mozilla-thunderbird-2.0.0.14"
    

    All Mozilla Thunderbird binary users should upgrade to the latest version:

    # emerge --sync
    # emerge -a -1 -v ">=mail-client/mozilla-thunderbird-bin-2.0.0.14"
    

    All SeaMonkey users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask -1 -v ">=www-client/seamonkey-1.1.9-r1"
    

    All SeaMonkey binary users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask -1 -v ">=www-client/seamonkey-bin-1.1.9"
    

    All XULRunner users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-libs/xulrunner-1.8.1.14"
    

    NOTE: The crash vulnerability (CVE-2008-1380) is currently unfixed in the SeaMonkey binary ebuild, as no precompiled packages have been released. Until an update is available, we recommend all SeaMonkey users to disable JavaScript, use Firefox for JavaScript-enabled browsing, or switch to the SeaMonkey source ebuild.

    References

    [ 1 ] CVE-2007-4879 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4879 [ 2 ] CVE-2008-0304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0304 [ 3 ] CVE-2008-0412 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0412 [ 4 ] CVE-2008-0413 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0413 [ 5 ] CVE-2008-0414 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0414 [ 6 ] CVE-2008-0415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0415 [ 7 ] CVE-2008-0416 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0416 [ 8 ] CVE-2008-0417 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0417 [ 9 ] CVE-2008-0418 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0418 [ 10 ] CVE-2008-0419 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0419 [ 11 ] CVE-2008-0420 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0420 [ 12 ] CVE-2008-0591 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0591 [ 13 ] CVE-2008-0592 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0592 [ 14 ] CVE-2008-0593 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0593 [ 15 ] CVE-2008-0594 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0594 [ 16 ] CVE-2008-1233 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1233 [ 17 ] CVE-2008-1234 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1234 [ 18 ] CVE-2008-1235 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1235 [ 19 ] CVE-2008-1236 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1236 [ 20 ] CVE-2008-1237 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1237 [ 21 ] CVE-2008-1238 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1238 [ 22 ] CVE-2008-1240 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1240 [ 23 ] CVE-2008-1241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1241 [ 24 ] CVE-2008-1380 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1380

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-200805-18.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

    License

    Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5 . =========================================================== Ubuntu Security Notice USN-576-1 February 08, 2008 firefox vulnerabilities CVE-2008-0412, CVE-2008-0413, CVE-2008-0414, CVE-2008-0415, CVE-2008-0416, CVE-2008-0417, CVE-2008-0418, CVE-2008-0419, CVE-2008-0420, CVE-2008-0591, CVE-2008-0592, CVE-2008-0593, CVE-2008-0594 ===========================================================

    A security issue affects the following Ubuntu releases:

    Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10

    This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

    The problem can be corrected by upgrading your system to the following package versions:

    Ubuntu 6.06 LTS: firefox 1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1

    Ubuntu 6.10: firefox 2.0.0.12+0nobinonly+2-0ubuntu0.6.10

    Ubuntu 7.04: firefox 2.0.0.12+1nobinonly+2-0ubuntu0.7.4

    Ubuntu 7.10: firefox 2.0.0.12+2nobinonly+2-0ubuntu0.7.10

    After a standard system upgrade you need to restart firefox to effect the necessary changes.

    Details follow:

    Various flaws were discovered in the browser and JavaScript engine. (CVE-2008-0412, CVE-2008-0413)

    Flaws were discovered in the file upload form control. A malicious website could force arbitrary files from the user's computer to be uploaded without consent. (CVE-2008-0414)

    Various flaws were discovered in the JavaScript engine. (CVE-2008-0415)

    Various flaws were discovered in character encoding handling. If a user were ticked into opening a malicious web page, an attacker could perform cross-site scripting attacks. (CVE-2008-0416)

    Justin Dolske discovered a flaw in the password saving mechanism. By tricking a user into opening a malicious web page, an attacker could corrupt the user's stored passwords. Under certain circumstances, an attacker may be able to load files or steal session data. Ubuntu is not vulnerable in the default installation. A malicious website could exploit this to steal the user's history information, crash the browser and/or possibly execute arbitrary code with the user's privileges. (CVE-2008-0419)

    Flaws were discovered in the BMP decoder. By tricking a user into opening a specially crafted BMP file, an attacker could obtain sensitive information. (CVE-2008-0420)

    Michal Zalewski discovered flaws with timer-enabled security dialogs. A malicious website could force the user to confirm a security dialog without explicit consent. (CVE-2008-0592)

    Martin Straka discovered flaws in stylesheet handling after a 302 redirect. By tricking a user into opening a malicious web page, an attacker could obtain sensitive URL parameters. A malicious website could exploit this to conduct phishing attacks against the user. (CVE-2008-0594)

    Updated packages for Ubuntu 6.06 LTS:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1.diff.gz
      Size/MD5:   178154 2cf6b393f77f5b872ffac9f05901d86e
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1.dsc
      Size/MD5:     1792 25c9c6c7c68cd2ffb437ff3c235ccf5b
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080202a.orig.tar.gz
      Size/MD5: 48567134 5f38febe80dd0965ea410ac190a99a79
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_all.deb
      Size/MD5:    53122 9b8108791fa1acc6a8cd36174d7e004f
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_all.deb
      Size/MD5:    52236 39ada1e6aeb7b51289c70c71d0f8031e
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb
      Size/MD5: 47575618 166e66c75fe45216b3ed03b2017ad9f9
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb
      Size/MD5:  2863920 c4fb4492c9c0d33c5ee1ebaa90822add
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb
      Size/MD5:    85508 22e0f29c67b28b7f268d13c47ff21b18
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb
      Size/MD5:  9477254 da7188d3d1a255f46d703b7f9f4af558
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb
      Size/MD5:   222308 66948fa52f626e2e94c277582dd9b419
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb
      Size/MD5:   165292 f14d66384255da7196da5786244d7636
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb
      Size/MD5:   247344 915feb3274a401c8cf7a026c6bcef55d
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb
      Size/MD5:   824986 ee41c39f0dc78dcb269e2c849d7a959b
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb
      Size/MD5:   219314 6ff861dde457e29b7d78cb0b485cc892
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb
      Size/MD5: 44132276 7d2488c56e8fc420b7d4b8741842a8d2
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb
      Size/MD5:  2863958 3e65d51503bf4220df6523ad788250c0
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb
      Size/MD5:    77834 58eaaaa178b0775221215bcbc18eb618
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb
      Size/MD5:  7986002 634c8d5dc00d42acac3319a6d8484401
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb
      Size/MD5:   222308 84d7212ebc789c76cbe907c1600a77e6
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb
      Size/MD5:   149850 9373d8373c10536f85d13a5a176889e3
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb
      Size/MD5:   247320 9ae55bba5c7cbe340db54c567fca6158
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb
      Size/MD5:   716594 5e6581e7b8f83755ee6182dc522a16d9
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb
      Size/MD5:   212712 42d4658e91e8dcab0cdc85b0da6ec700
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb
      Size/MD5: 48978594 143d1dd5a6ce245fc55c5083749aaecc
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb
      Size/MD5:  2864070 9c399a5d23e6338f5d663606a3c1fe6e
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb
      Size/MD5:    80948 c11c970fa9e3c95a2c7e28be5978d7ca
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb
      Size/MD5:  9097372 a1865d328a9fa56f46ae4fb1bd6757d9
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb
      Size/MD5:   222306 76bc431137ce8c72c4d097c15af86785
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb
      Size/MD5:   162552 309fd0bb01d24a983e187fe50da1e8ea
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb
      Size/MD5:   247346 d6d3ea02f9c3dd500d308215caa50fa8
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb
      Size/MD5:   815602 c939dd4eb7d5e514b86fb6756c3258c5
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb
      Size/MD5:   216154 f4f8d3b69f847ddfd238a8fbef952953
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb
      Size/MD5: 45531866 273486483a76cc366c7f22d50a8e1585
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb
      Size/MD5:  2864002 48d560e88b2a92576e1a4ee592297ce6
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb
      Size/MD5:    79414 70c392f787204334116e9ce76f546a46
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb
      Size/MD5:  8483442 3562cacfdf57585c037b651be2860162
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb
      Size/MD5:   222310 6435f1625def65ad5cb1a9732ae035b4
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb
      Size/MD5:   152438 79cc70393fa4b75cac01405f3bdaa830
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb
      Size/MD5:   247346 530a4597f2708ddd246845dcd9948eaf
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb
      Size/MD5:   727040 f954f2d179c4477caf4ac860dee0a3ee
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb
      Size/MD5:   213662 57bd9a62025696c9ac01aeb2c499004a
    

    Updated packages for Ubuntu 6.10:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+0nobinonly+2-0ubuntu0.6.10.diff.gz
      Size/MD5:   321397 4a12ea7d4aff45a651e7169df59b66d1
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+0nobinonly+2-0ubuntu0.6.10.dsc
      Size/MD5:     1880 d07152222f3bbbd54702964e6c484e5c
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+0nobinonly+2.orig.tar.gz
      Size/MD5: 44800182 38c678dd75c578424a1c18876dd074c4
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_all.deb
      Size/MD5:   238002 ac7bdaa151b30f01a44f46e65c8096d8
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_all.deb
      Size/MD5:    56822 b9a0587c020e3e1ff251db1da16a3360
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dom-inspector_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_all.deb
      Size/MD5:    56922 736209d00ed7a493ad632a595dc3e23e
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-gnome-support_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_all.deb
      Size/MD5:    56934 65a72a74cd45970e0fdea2eacf97a19f
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_all.deb
      Size/MD5:    57734 08259cf76e7911a1643f9dd34a5946e0
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_amd64.deb
      Size/MD5: 50541330 aedaa6323fe786ac93a0361712fe2eef
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_amd64.deb
      Size/MD5:  3181304 9de420a7be03b4f2dc7877d51d86641a
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_amd64.deb
      Size/MD5:    91280 77851caa28f9541474c579b2fcb58de8
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_amd64.deb
      Size/MD5: 10459390 b794e9dca1f5985ac8f2de5e3021d04d
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_amd64.deb
      Size/MD5:   226904 e1401fba7056cfed7bfb5c402c773223
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_amd64.deb
      Size/MD5:   169286 ef4c54634455afec2b88618fee46b330
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_amd64.deb
      Size/MD5:   251926 e8596b001554965f3a84a517c7eabdb7
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_amd64.deb
      Size/MD5:   873158 3674842461178bb2118cd634d5ab50a5
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_i386.deb
      Size/MD5: 49700122 488b37255f93579b4aa3d091438f0b07
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_i386.deb
      Size/MD5:  3171304 e30a5b8ffac759624c9cec382cf076aa
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_i386.deb
      Size/MD5:    84944 53061af8afe191476af93f7fd822c879
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_i386.deb
      Size/MD5:  9275526 b79a270c10e7b0a53409ee7d2c47a958
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_i386.deb
      Size/MD5:   226916 a70250bb5ca1ee549b8fd855ba0aac8b
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_i386.deb
      Size/MD5:   158884 6b82381a44eb2d3a7fca63772f299cb0
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_i386.deb
      Size/MD5:   251926 1475d73a2829eb9fd9d996b739386152
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_i386.deb
      Size/MD5:   795256 e1f9c6278da78da5a15316fcaad8878b
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_powerpc.deb
      Size/MD5: 52219576 c0aca4abff7994ed57feedd4b9fad3c6
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_powerpc.deb
      Size/MD5:  3178480 51d9d70a821af1b86a0dbe3f1047b695
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_powerpc.deb
      Size/MD5:    86810 d20daf80fe21dd441e76544d436b5a97
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_powerpc.deb
      Size/MD5: 10120398 d9da66873e77ae9b151806369ea79999
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_powerpc.deb
      Size/MD5:   226904 7f5b533329fa758c7119737c3c2932b6
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_powerpc.deb
      Size/MD5:   167982 cf663fffe8e0cc731518ad9c2b927353
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_powerpc.deb
      Size/MD5:   251958 af430564abd104b1a0d74c6601f9da21
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_powerpc.deb
      Size/MD5:   870874 310fadfe6f3678646ddb0eb6905891ae
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_sparc.deb
      Size/MD5: 49730348 02a7529d1ce21e8c80c1eacab37d32e9
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_sparc.deb
      Size/MD5:  3167800 8540b1e6b3ed43155da0aabe6e9b9646
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_sparc.deb
      Size/MD5:    84614 00db1446c0b00efd811f50d924dd5298
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_sparc.deb
      Size/MD5:  9546592 3258e1fbd28f510545f4083d1c4286ca
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_sparc.deb
      Size/MD5:   226908 ec859ea978ee4faad18198557bd0b93a
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_sparc.deb
      Size/MD5:   156870 a08586da831b5189bb86b5613457be8c
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_sparc.deb
      Size/MD5:   251942 154e0e0a90641ca61d02229f909c9afe
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_sparc.deb
      Size/MD5:   777010 15935c9b003f9246bee54b84150c87c1
    

    Updated packages for Ubuntu 7.04:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+1nobinonly+2-0ubuntu0.7.4.diff.gz
      Size/MD5:   314990 26d843966dfcd15d09732da370613437
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+1nobinonly+2-0ubuntu0.7.4.dsc
      Size/MD5:     1866 65a8df8593e51c9bd75384019fed4578
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+1nobinonly+2.orig.tar.gz
      Size/MD5: 44800182 be1a3be614b123a5f65ef0631cc3ba57
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_all.deb
      Size/MD5:   243402 da8caba52c3c82557d4821d770299ecc
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_all.deb
      Size/MD5:    58762 45baf9be97557e8b91d2943ca6ba41e6
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dom-inspector_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_all.deb
      Size/MD5:    58856 42d6160c4ce8fdb5bf9a37293aa53b1c
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-gnome-support_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_all.deb
      Size/MD5:    58870 9dd7670172ef63a5c95a8e0d0b3b2b96
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_all.deb
      Size/MD5:    59670 492308cc265c713ffddb255884c4e504
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb
      Size/MD5: 50542618 2ca3b30b33b3b999071a16abf8bcd13c
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb
      Size/MD5:  3184070 271fa86786f418711a313712877eea98
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb
      Size/MD5:    92594 5143ea4adbda306600aee9af86ce77fe
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb
      Size/MD5:    62572 a4e2e6b0064c79138f3b2bfa91ac97d1
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb
      Size/MD5: 10471176 175a2d6fa77654b739398a2a9d1d03ac
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb
      Size/MD5:   228738 30a1385156baa2a9f24b78c129412f18
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb
      Size/MD5:   174270 3849519034a0821095cd70f444507d99
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb
      Size/MD5:   253900 7b383ef692d89ab55dae43836b2fdd0a
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb
      Size/MD5:   880882 8ba385f8afc6037a95707fcb7b23b46d
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb
      Size/MD5: 49691234 29f617919ad489ca52ee6b81f01c5cbd
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb
      Size/MD5:  3174990 188a68b01767bc4cca87d3d25337e017
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb
      Size/MD5:    86790 1e73455e05a6171cc71210f322db025f
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb
      Size/MD5:    61972 35aeae2f74e57deddf75cc940927b666
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb
      Size/MD5:  9276348 4801d027bd0a419209a7192eb6b2e5b0
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb
      Size/MD5:   228752 70786d226354b7dfe928f8a627faf0e9
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb
      Size/MD5:   163166 9a04fc6540e7b8adf3fb170cadec304d
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb
      Size/MD5:   253906 fc119126017f04c5b56c3d6f34afdc72
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb
      Size/MD5:   802282 348a087da1e50abdcc82ab5e540e9f0b
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb
      Size/MD5: 52204680 048216fdda7b51cc351f5282152dae0a
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb
      Size/MD5:  3186926 b6bbe9c19c9f915cff028058a9703485
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb
      Size/MD5:    90636 60db1e12e8d6324c854217356713ed9a
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb
      Size/MD5:    62806 ae3c6db90b09e7343a43bb2d2506776a
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb
      Size/MD5: 10350504 084e73de7223b081b0a34c4f05cd8e5e
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb
      Size/MD5:   228746 a19d7edc4e883b4325a65679a4b53f2b
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb
      Size/MD5:   179910 2ed7a05241f477e018235dadeaa0a180
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb
      Size/MD5:   253906 2d7306a969e66f7ba62020ec9683c5d2
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb
      Size/MD5:   890490 0611974c638cc23f8bb0e64dd5fb1204
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb
      Size/MD5: 49727862 0b04e498c69841fba2fb44c0026b9360
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb
      Size/MD5:  3173504 a3e8070e87df04e2e1178793a3c28ebb
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb
      Size/MD5:    86486 e4e8c5fa9661d7f2883a64c9c913955a
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb
      Size/MD5:    62030 b8cba7f28f9ad581adb2952b0cd27778
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb
      Size/MD5:  9557480 d914a1f143d06130139ebbaf299a998a
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb
      Size/MD5:   228734 0b7a1e9e9c4e8e4dd30faa51715b9b3a
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb
      Size/MD5:   161968 6d1e3b53500017050fcd6ad5f797a34c
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb
      Size/MD5:   253912 e997d59184566bb92afd170e3d6e16ae
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb
      Size/MD5:   796038 b7db09f4ad1a2271524d745c807eec0e
    

    Updated packages for Ubuntu 7.10:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+2nobinonly+2-0ubuntu0.7.10.diff.gz
      Size/MD5:   192967 f613f26149f995bb2d90897640751c55
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+2nobinonly+2-0ubuntu0.7.10.dsc
      Size/MD5:     1831 10cc37e4a7a8b1ef9913c4336e139e34
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+2nobinonly+2.orig.tar.gz
      Size/MD5: 34952512 361be132e02f7583555fdb5909138bdf
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_all.deb
      Size/MD5:   200720 e85d0d26bbba30c7cf1acd8539d4ce5d
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_amd64.deb
      Size/MD5: 77918994 5e5b6abb9c51f6f991f1270f9fac5c7b
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_amd64.deb
      Size/MD5:  3195186 0ea7fd2d7e532bdc5676988b36643cc7
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_amd64.deb
      Size/MD5:    98086 ab6e4e54dfb6700e405f5a4004e5f817
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_amd64.deb
      Size/MD5:    67082 ff21fe32334e31142459446bf7f7aad7
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_amd64.deb
      Size/MD5: 10442880 36de6e6c9f3f34f5eea1b88abce14c6a
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_i386.deb
      Size/MD5: 77067198 da3fb93ae70ee78f63495d8ebfe5a356
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_i386.deb
      Size/MD5:  3182764 fb3bbf088ecea048f3f163a2ba7aa84d
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_i386.deb
      Size/MD5:    91770 4384731b32d52be25ff6e419bf2ec269
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_i386.deb
      Size/MD5:    66370 3d301f5fe0766f685ac0cad7766af38b
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_i386.deb
      Size/MD5:  9189236 7a8f9a6523ed805b0edb42d9f688fbbc
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_powerpc.deb
      Size/MD5: 80531802 0e94eeb3d506799508eb354f7a067b52
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_powerpc.deb
      Size/MD5:  3198570 31ca5d436b1510aeb40d98da1e80b6ba
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_powerpc.deb
      Size/MD5:    96114 e30b3fc0ee76304c61b36ae059510ba0
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_powerpc.deb
      Size/MD5:    67356 6374a01034d982e01e973cd6544f7c5c
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_powerpc.deb
      Size/MD5: 10285072 40e7d114d1f2adba2d8be70f40acbfbe
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_sparc.deb
      Size/MD5: 77899398 bf815b834944a0a8097c79ae2da6f188
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_sparc.deb
      Size/MD5:  3180268 90be06ecf15c876086c03c5910d2e575
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_sparc.deb
      Size/MD5:    91548 33215f4ce2e598f29cde37ab518b555e
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_sparc.deb
      Size/MD5:    66446 9db9ae28f9b571e27a524f087e8e0f31
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_sparc.deb
      Size/MD5:  9436014 697d38db0d9a9d1718fe94aacf3f2abb
    

    . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


    Mandriva Linux Security Advisory MDVSA-2008:048 http://www.mandriva.com/security/


    Package : mozilla-firefox Date : February 22, 2008 Affected: 2007.1, 2008.0, Corporate 3.0, Corporate 4.0


    Problem Description:

    A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.12.

    This update provides the latest Firefox to correct these issues.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0412 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0413 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0414 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0417 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0418 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0419 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0420 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0591 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0592 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0593 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0594 http://www.mozilla.org/security/announce/2008/mfsa2008-01.html http://www.mozilla.org/security/announce/2008/mfsa2008-02.html http://www.mozilla.org/security/announce/2008/mfsa2008-03.html http://www.mozilla.org/security/announce/2008/mfsa2008-04.html http://www.mozilla.org/security/announce/2008/mfsa2008-05.html http://www.mozilla.org/security/announce/2008/mfsa2008-06.html http://www.mozilla.org/security/announce/2008/mfsa2008-07.html http://www.mozilla.org/security/announce/2008/mfsa2008-08.html http://www.mozilla.org/security/announce/2008/mfsa2008-09.html http://www.mozilla.org/security/announce/2008/mfsa2008-10.html http://www.mozilla.org/security/announce/2008/mfsa2008-11.html


    Updated Packages:

    Mandriva Linux 2007.1: 1dc2a51ff44cabe490f34da3faa33c23 2007.1/i586/deskbar-applet-2.18.0-3.6mdv2007.1.i586.rpm 80ddb753b767b007fdcb81a92c0f905b 2007.1/i586/devhelp-0.13-3.6mdv2007.1.i586.rpm 2cad046fa470433fa1e1e3d61a17db64 2007.1/i586/devhelp-plugins-0.13-3.6mdv2007.1.i586.rpm c77299cbaf51d2c3750463c896a80b1d 2007.1/i586/eclipse-ecj-3.2.2-3.4.4mdv2007.1.i586.rpm 3452bf648a7ac439ae811c4e5fc8a63c 2007.1/i586/eclipse-jdt-3.2.2-3.4.4mdv2007.1.i586.rpm c52d7efbb414850069093958810d546c 2007.1/i586/eclipse-jdt-sdk-3.2.2-3.4.4mdv2007.1.i586.rpm 9342cf09d7d08ab5f76012ffe9110068 2007.1/i586/eclipse-pde-3.2.2-3.4.4mdv2007.1.i586.rpm 902df90494957eb8cb3dfc65cd79dd3e 2007.1/i586/eclipse-pde-runtime-3.2.2-3.4.4mdv2007.1.i586.rpm b7921f5695807ed0cbde79f89b022fd6 2007.1/i586/eclipse-pde-sdk-3.2.2-3.4.4mdv2007.1.i586.rpm e30bda4a05f799ec477adddea26ad2e7 2007.1/i586/eclipse-platform-3.2.2-3.4.4mdv2007.1.i586.rpm b96010dc64a374151aeedbc08f990939 2007.1/i586/eclipse-platform-sdk-3.2.2-3.4.4mdv2007.1.i586.rpm 7509249502add24a8c879fc07a9045cc 2007.1/i586/eclipse-rcp-3.2.2-3.4.4mdv2007.1.i586.rpm 7b61437abc5b8bcb124d6bffbc00f07c 2007.1/i586/eclipse-rcp-sdk-3.2.2-3.4.4mdv2007.1.i586.rpm fed3c9c51dfaefaf915f9e7099156d91 2007.1/i586/eclipse-sdk-3.2.2-3.4.4mdv2007.1.i586.rpm 72d3dc507d444eba52b19bd23599ff8e 2007.1/i586/epiphany-2.18.0-5.6mdv2007.1.i586.rpm c81f9314f3ec6e9d6983f33a3ebd8e94 2007.1/i586/epiphany-devel-2.18.0-5.6mdv2007.1.i586.rpm 92f2517dc7879a37de1c45656c5a3a72 2007.1/i586/epiphany-extensions-2.18.0-2.5mdv2007.1.i586.rpm d3c955c6add34c6fcf10d96b79d1841a 2007.1/i586/galeon-2.0.3-5.6mdv2007.1.i586.rpm 36f325c6b4ecdc139547e8813f17cd90 2007.1/i586/gnome-python-extras-2.14.3-4.6mdv2007.1.i586.rpm 16d211d490987d4fdfafe820d0e37280 2007.1/i586/gnome-python-gda-2.14.3-4.6mdv2007.1.i586.rpm 784f949debd848dc8b04085d4ed878cb 2007.1/i586/gnome-python-gda-devel-2.14.3-4.6mdv2007.1.i586.rpm 3298cadecd4f531d47c93aaf6c2b61b8 2007.1/i586/gnome-python-gdl-2.14.3-4.6mdv2007.1.i586.rpm c90b8d88b8516482b9fbb81b962a52e0 2007.1/i586/gnome-python-gksu-2.14.3-4.6mdv2007.1.i586.rpm aaddc4ccb1380f59a1577d0928950c0d 2007.1/i586/gnome-python-gtkhtml2-2.14.3-4.6mdv2007.1.i586.rpm 31e67c0db16a843c954d18e9040d3924 2007.1/i586/gnome-python-gtkmozembed-2.14.3-4.6mdv2007.1.i586.rpm fd2a2e1bd9678f78441d7f0388fc50cd 2007.1/i586/gnome-python-gtkspell-2.14.3-4.6mdv2007.1.i586.rpm 2be331921ac0abd4935f2b7e53485558 2007.1/i586/libdevhelp-1_0-0.13-3.6mdv2007.1.i586.rpm 04b8a0a918e5fa4d5d4c9a5ed7ff137f 2007.1/i586/libdevhelp-1_0-devel-0.13-3.6mdv2007.1.i586.rpm a3782afaa71b91224e3ac035790346f4 2007.1/i586/libmozilla-firefox-devel-2.0.0.12-1.1mdv2007.1.i586.rpm 14cfb1d5f4cf1f065bfca906ff150a4b 2007.1/i586/libmozilla-firefox2.0.0.12-2.0.0.12-1.1mdv2007.1.i586.rpm c1426c2e93cc901fe35392ff7cb6c685 2007.1/i586/libswt3-gtk2-3.2.2-3.4.4mdv2007.1.i586.rpm ae1601c5b5f88a7f515284650233983d 2007.1/i586/libtotem-plparser1-2.18.2-1.7mdv2007.1.i586.rpm c22fc1a859983aa85742e604312f80fa 2007.1/i586/libtotem-plparser1-devel-2.18.2-1.7mdv2007.1.i586.rpm 4eb9fbb0119091748feb9889a3c306a7 2007.1/i586/mozilla-firefox-2.0.0.12-1.1mdv2007.1.i586.rpm df4485c865ccd7c3242fbe27af182c0d 2007.1/i586/mozilla-firefox-af-2.0.0.12-1mdv2007.1.i586.rpm 3ec20a7b73357ba854ff1cdc1a7cb2b3 2007.1/i586/mozilla-firefox-ar-2.0.0.12-1mdv2007.1.i586.rpm 6fa279489d73c1c4d6a34229d3a153eb 2007.1/i586/mozilla-firefox-be-2.0.0.12-1mdv2007.1.i586.rpm 53bcab0c1e1d67ae7a1a5ac75c5ce494 2007.1/i586/mozilla-firefox-bg-2.0.0.12-1mdv2007.1.i586.rpm 314e0e5ae9425a42b1e439f3396f89f8 2007.1/i586/mozilla-firefox-br_FR-2.0.0.12-1mdv2007.1.i586.rpm 0254a1f48e4ded8678dd112363c29c74 2007.1/i586/mozilla-firefox-ca-2.0.0.12-1mdv2007.1.i586.rpm e686d9fdd625fc13b3cffa97c5508eb4 2007.1/i586/mozilla-firefox-cs-2.0.0.12-1mdv2007.1.i586.rpm 7ee117f20fe64cadd3e14451719fe7c4 2007.1/i586/mozilla-firefox-da-2.0.0.12-1mdv2007.1.i586.rpm e7d93e623d8a95f3e6a4e841ecb6dced 2007.1/i586/mozilla-firefox-de-2.0.0.12-1mdv2007.1.i586.rpm 19f90053d81fdc8c1f29f243f042c016 2007.1/i586/mozilla-firefox-el-2.0.0.12-1mdv2007.1.i586.rpm 7ebf410bb0505ca52e0ffb64cd436db1 2007.1/i586/mozilla-firefox-en_GB-2.0.0.12-1mdv2007.1.i586.rpm c7708420fc247bac083598e09d54abd1 2007.1/i586/mozilla-firefox-es_AR-2.0.0.12-1mdv2007.1.i586.rpm 4bbb4b75f4ce7b2bce3228ee97f83f92 2007.1/i586/mozilla-firefox-es_ES-2.0.0.12-1mdv2007.1.i586.rpm 8a094d00259121d38a34381aef52dc77 2007.1/i586/mozilla-firefox-et_EE-2.0.0.12-1mdv2007.1.i586.rpm 6d7633f405a110a436fe06811a8e2b28 2007.1/i586/mozilla-firefox-eu-2.0.0.12-1mdv2007.1.i586.rpm 00277d0faba3c092d074726f23b479ce 2007.1/i586/mozilla-firefox-fi-2.0.0.12-1mdv2007.1.i586.rpm a6a7478985d1feb54502161b7bf61de3 2007.1/i586/mozilla-firefox-fr-2.0.0.12-1mdv2007.1.i586.rpm 33fc849c8b3300eb2d93b74e0a21fe9a 2007.1/i586/mozilla-firefox-fy-2.0.0.12-1mdv2007.1.i586.rpm aeae2cbbc738a25a1024bdd0fa4b3ab3 2007.1/i586/mozilla-firefox-ga-2.0.0.12-1mdv2007.1.i586.rpm cc28a619f49f76efbb86f80f603078a6 2007.1/i586/mozilla-firefox-gu_IN-2.0.0.12-1mdv2007.1.i586.rpm 9de2102b85eeb76f490abd37c391190a 2007.1/i586/mozilla-firefox-he-2.0.0.12-1mdv2007.1.i586.rpm e85f6cdb1a60b5a3de9ca2b562660db4 2007.1/i586/mozilla-firefox-hu-2.0.0.12-1mdv2007.1.i586.rpm 3e3c83e797cdbaace62aa33cd55a37ca 2007.1/i586/mozilla-firefox-it-2.0.0.12-1mdv2007.1.i586.rpm a5a3cc4cf13557ba72885fa57a3ccfa8 2007.1/i586/mozilla-firefox-ja-2.0.0.12-1mdv2007.1.i586.rpm d39b98fead3b78e7e2f6b03855421bf0 2007.1/i586/mozilla-firefox-ka-2.0.0.12-1mdv2007.1.i586.rpm 1e22b2f9d416fe38a09c5c58ac694b54 2007.1/i586/mozilla-firefox-ko-2.0.0.12-1mdv2007.1.i586.rpm 5c390f65e4992c416fe7ba2719fee970 2007.1/i586/mozilla-firefox-ku-2.0.0.12-1mdv2007.1.i586.rpm cf66aee1be149bb504491f8a0640f3c1 2007.1/i586/mozilla-firefox-lt-2.0.0.12-1mdv2007.1.i586.rpm 3b347807ab3cfc861833ae72932b7c47 2007.1/i586/mozilla-firefox-mk-2.0.0.12-1mdv2007.1.i586.rpm d300ac9b315aa0f8ba351e9599871d85 2007.1/i586/mozilla-firefox-mn-2.0.0.12-1mdv2007.1.i586.rpm 5a94beccbed4dbfaaa911e00f75f4ae0 2007.1/i586/mozilla-firefox-nb_NO-2.0.0.12-1mdv2007.1.i586.rpm 6b7f3de774ca6aaec82dd2d4d8898a65 2007.1/i586/mozilla-firefox-nl-2.0.0.12-1mdv2007.1.i586.rpm 3d9f959c201905dd349e5d7df9613fe9 2007.1/i586/mozilla-firefox-nn_NO-2.0.0.12-1mdv2007.1.i586.rpm d0e6271d86772a36bbeb86d902f186ec 2007.1/i586/mozilla-firefox-pa_IN-2.0.0.12-1mdv2007.1.i586.rpm 1654c8644d33ddfad6877bcc07c7df6e 2007.1/i586/mozilla-firefox-pl-2.0.0.12-1mdv2007.1.i586.rpm 2915c604f7179029fcf46bb7110af6e3 2007.1/i586/mozilla-firefox-pt_BR-2.0.0.12-1mdv2007.1.i586.rpm 70a326e01d4b7dcdcf2098f83d003ea4 2007.1/i586/mozilla-firefox-pt_PT-2.0.0.12-1mdv2007.1.i586.rpm 7c43e07b436e083ba15123c2cd3aa70a 2007.1/i586/mozilla-firefox-ro-2.0.0.12-1mdv2007.1.i586.rpm d0f26cad526ba1c6e7ac41dbbb34f727 2007.1/i586/mozilla-firefox-ru-2.0.0.12-1mdv2007.1.i586.rpm 0a39286f36e0b5688a293c06de29d8d9 2007.1/i586/mozilla-firefox-sk-2.0.0.12-1mdv2007.1.i586.rpm 2e4dfeab9aa0649f12787519119da6e2 2007.1/i586/mozilla-firefox-sl-2.0.0.12-1mdv2007.1.i586.rpm c0224a7f560da293f8825d08a5a3ddae 2007.1/i586/mozilla-firefox-sv_SE-2.0.0.12-1mdv2007.1.i586.rpm 39c1a65a74784d086b7756f523a3761e 2007.1/i586/mozilla-firefox-tr-2.0.0.12-1mdv2007.1.i586.rpm 3fb92f19448371ff7b26734df8e46370 2007.1/i586/mozilla-firefox-uk-2.0.0.12-1mdv2007.1.i586.rpm 7e562d06f2fff28067f1cd15f5733af2 2007.1/i586/mozilla-firefox-zh_CN-2.0.0.12-1mdv2007.1.i586.rpm 3098f92ec1c67b2e170fd4ff1730388a 2007.1/i586/mozilla-firefox-zh_TW-2.0.0.12-1mdv2007.1.i586.rpm 1bb36cf0ce6f55517a3473366c494087 2007.1/i586/totem-2.18.2-1.7mdv2007.1.i586.rpm 3be505bd7ca427a7012d496724e94b52 2007.1/i586/totem-common-2.18.2-1.7mdv2007.1.i586.rpm ae1f2d358274545d78288c02943d68d2 2007.1/i586/totem-gstreamer-2.18.2-1.7mdv2007.1.i586.rpm a5a82195f23ea5b2adc90368cd7ca1c4 2007.1/i586/totem-mozilla-2.18.2-1.7mdv2007.1.i586.rpm 6eea23a51e4b6c6167d160fd6a283e80 2007.1/i586/totem-mozilla-gstreamer-2.18.2-1.7mdv2007.1.i586.rpm 70b76b7eb83ca3c44b885ebbf545a9e7 2007.1/i586/yelp-2.18.0-3.6mdv2007.1.i586.rpm 22d9b3b7e5698b47fccc3a6357fec6e4 2007.1/SRPMS/deskbar-applet-2.18.0-3.6mdv2007.1.src.rpm 3cf093179a5d711a1532960931d4c069 2007.1/SRPMS/devhelp-0.13-3.6mdv2007.1.src.rpm 824c26cd3bf015fa907e8c870b083297 2007.1/SRPMS/eclipse-3.2.2-3.4.4mdv2007.1.src.rpm 9c3cec104d4eda89c867added6371874 2007.1/SRPMS/epiphany-2.18.0-5.6mdv2007.1.src.rpm 1b6f481d3645ae3d5cb5765a7c456d2a 2007.1/SRPMS/epiphany-extensions-2.18.0-2.5mdv2007.1.src.rpm 759216aff8dc1d14d5de891bc7745d6f 2007.1/SRPMS/galeon-2.0.3-5.6mdv2007.1.src.rpm 3304dc108695e6197e6b30ee03a51a09 2007.1/SRPMS/gnome-python-extras-2.14.3-4.6mdv2007.1.src.rpm 478ad85c7863af6629ac7234debdfbfa 2007.1/SRPMS/mozilla-firefox-2.0.0.12-1.1mdv2007.1.src.rpm bd76471a2d41c2578b18939415e03b8e 2007.1/SRPMS/mozilla-firefox-l10n-2.0.0.12-1mdv2007.1.src.rpm 9747016f17a8f616419f1b7c4e49dc1f 2007.1/SRPMS/totem-2.18.2-1.7mdv2007.1.src.rpm f1d428e2757775ec76d83f3be78e6717 2007.1/SRPMS/yelp-2.18.0-3.6mdv2007.1.src.rpm

    Mandriva Linux 2007.1/X86_64: 691e999c390c5cf9eb7cfa9f7cb36924 2007.1/x86_64/deskbar-applet-2.18.0-3.6mdv2007.1.x86_64.rpm caa9f1692901e91890216f893c269ff3 2007.1/x86_64/devhelp-0.13-3.6mdv2007.1.x86_64.rpm 05550c4ecdcdf3ae7d888bc0d194a56d 2007.1/x86_64/devhelp-plugins-0.13-3.6mdv2007.1.x86_64.rpm 153b61edcf077ebdfe1f6386bce919d4 2007.1/x86_64/eclipse-ecj-3.2.2-3.4.4mdv2007.1.x86_64.rpm 1ab1d18860b8f590f50f86b0d0fdb681 2007.1/x86_64/eclipse-jdt-3.2.2-3.4.4mdv2007.1.x86_64.rpm 7f59734a966380ae07ee9e120c756d8c 2007.1/x86_64/eclipse-jdt-sdk-3.2.2-3.4.4mdv2007.1.x86_64.rpm 1d0a61206b3302cb3cfe605d61ab7d40 2007.1/x86_64/eclipse-pde-3.2.2-3.4.4mdv2007.1.x86_64.rpm bb9ba6e6dec65f143c40490f3481570d 2007.1/x86_64/eclipse-pde-runtime-3.2.2-3.4.4mdv2007.1.x86_64.rpm 18c9205dc80f71951461c58379409e71 2007.1/x86_64/eclipse-pde-sdk-3.2.2-3.4.4mdv2007.1.x86_64.rpm 6feda46822a9638d68e0de48c9f29047 2007.1/x86_64/eclipse-platform-3.2.2-3.4.4mdv2007.1.x86_64.rpm 1c32336de45e3ce2ba59af7636cb9fd3 2007.1/x86_64/eclipse-platform-sdk-3.2.2-3.4.4mdv2007.1.x86_64.rpm d05a8a18748ad28155eb7ae936d2c015 2007.1/x86_64/eclipse-rcp-3.2.2-3.4.4mdv2007.1.x86_64.rpm 8667c57ea4479c6644d1ec77d03f6cc6 2007.1/x86_64/eclipse-rcp-sdk-3.2.2-3.4.4mdv2007.1.x86_64.rpm cf8bc4f82183b304e20958115202fee5 2007.1/x86_64/eclipse-sdk-3.2.2-3.4.4mdv2007.1.x86_64.rpm eee890a0b8e76f6509553c9879ac7ecb 2007.1/x86_64/epiphany-2.18.0-5.6mdv2007.1.x86_64.rpm 2dde2d8ddd4c287934b165c4a7119e7f 2007.1/x86_64/epiphany-devel-2.18.0-5.6mdv2007.1.x86_64.rpm 061ec1797d29f4e37ee64cc2826fc39d 2007.1/x86_64/epiphany-extensions-2.18.0-2.5mdv2007.1.x86_64.rpm bcbaf29656b30c1dcd3fa6d1dc515816 2007.1/x86_64/galeon-2.0.3-5.6mdv2007.1.x86_64.rpm 6ab0f8d7437d253249befd970638e2c7 2007.1/x86_64/gnome-python-extras-2.14.3-4.6mdv2007.1.x86_64.rpm 4397d9794afae4426228e3e8b727f0d5 2007.1/x86_64/gnome-python-gda-2.14.3-4.6mdv2007.1.x86_64.rpm d44dc156c11bd6da8865f2844e1e8a7d 2007.1/x86_64/gnome-python-gda-devel-2.14.3-4.6mdv2007.1.x86_64.rpm 80e48e7b6320ddd111b3d61f1d55982d 2007.1/x86_64/gnome-python-gdl-2.14.3-4.6mdv2007.1.x86_64.rpm 2273f742d50b47c2554a66d86650b009 2007.1/x86_64/gnome-python-gksu-2.14.3-4.6mdv2007.1.x86_64.rpm 54263146b6cc46aec4a9430fda19b612 2007.1/x86_64/gnome-python-gtkhtml2-2.14.3-4.6mdv2007.1.x86_64.rpm fa6ad140bec40b0682771394682109c3 2007.1/x86_64/gnome-python-gtkmozembed-2.14.3-4.6mdv2007.1.x86_64.rpm 30bb203d5086759c5f9f1c6f9b6f0dc2 2007.1/x86_64/gnome-python-gtkspell-2.14.3-4.6mdv2007.1.x86_64.rpm 92485911c16bcb95a571558f3622bfd4 2007.1/x86_64/lib64devhelp-1_0-0.13-3.6mdv2007.1.x86_64.rpm 426e40e910923b6c03462d095f1bb94c 2007.1/x86_64/lib64devhelp-1_0-devel-0.13-3.6mdv2007.1.x86_64.rpm 797a51d03672c1eb95bc2d55bd807488 2007.1/x86_64/lib64mozilla-firefox-devel-2.0.0.12-1.1mdv2007.1.x86_64.rpm 414dba6c0d00a4d43437c59f2a8d90f1 2007.1/x86_64/lib64mozilla-firefox2.0.0.12-2.0.0.12-1.1mdv2007.1.x86_64.rpm e26d4695678e9f68ca749593a1b66f1b 2007.1/x86_64/lib64totem-plparser1-2.18.2-1.7mdv2007.1.x86_64.rpm 8624b056389ff1fe9f33a64cff081e26 2007.1/x86_64/lib64totem-plparser1-devel-2.18.2-1.7mdv2007.1.x86_64.rpm 644e3bd650625950e6b3310b457d5833 2007.1/x86_64/libswt3-gtk2-3.2.2-3.4.4mdv2007.1.x86_64.rpm a394cb43cf1289cd37f50ec5127a8590 2007.1/x86_64/mozilla-firefox-2.0.0.12-1.1mdv2007.1.x86_64.rpm c74672f4d61902a3ce298c7f866c52e9 2007.1/x86_64/mozilla-firefox-af-2.0.0.12-1mdv2007.1.x86_64.rpm 12ee1223b0e97842108fe817fe458053 2007.1/x86_64/mozilla-firefox-ar-2.0.0.12-1mdv2007.1.x86_64.rpm 3942350467f9d5799eade58164a34a4e 2007.1/x86_64/mozilla-firefox-be-2.0.0.12-1mdv2007.1.x86_64.rpm 3413e28dec7ed97eee32fb74d6188548 2007.1/x86_64/mozilla-firefox-bg-2.0.0.12-1mdv2007.1.x86_64.rpm ebd359e9a0af27364e8e4405868a3b3b 2007.1/x86_64/mozilla-firefox-br_FR-2.0.0.12-1mdv2007.1.x86_64.rpm a08ea8ae48ccb304988a23a561e29e60 2007.1/x86_64/mozilla-firefox-ca-2.0.0.12-1mdv2007.1.x86_64.rpm 147188b2d31441d61466d8c91a9a9462 2007.1/x86_64/mozilla-firefox-cs-2.0.0.12-1mdv2007.1.x86_64.rpm 202afdddc582f8d1f5d94c0aaa0197fd 2007.1/x86_64/mozilla-firefox-da-2.0.0.12-1mdv2007.1.x86_64.rpm 0f3b150c43264b7e3c0c136296390039 2007.1/x86_64/mozilla-firefox-de-2.0.0.12-1mdv2007.1.x86_64.rpm 89e515ffe77b69719efec99a589ce5c1 2007.1/x86_64/mozilla-firefox-el-2.0.0.12-1mdv2007.1.x86_64.rpm 76a281bbd0d3428ebfd593c7eb9f679d 2007.1/x86_64/mozilla-firefox-en_GB-2.0.0.12-1mdv2007.1.x86_64.rpm e6ac662a04be6997f7d4dbabefe18927 2007.1/x86_64/mozilla-firefox-es_AR-2.0.0.12-1mdv2007.1.x86_64.rpm 8de715af8d0e56385170c247d98ea630 2007.1/x86_64/mozilla-firefox-es_ES-2.0.0.12-1mdv2007.1.x86_64.rpm abc53ce2f60b1340d1195df5933e7f27 2007.1/x86_64/mozilla-firefox-et_EE-2.0.0.12-1mdv2007.1.x86_64.rpm 8252457050a0027280c413e0105f5853 2007.1/x86_64/mozilla-firefox-eu-2.0.0.12-1mdv2007.1.x86_64.rpm 0465a7b839901eddf832606d39f68be3 2007.1/x86_64/mozilla-firefox-fi-2.0.0.12-1mdv2007.1.x86_64.rpm 9021350fcc01ade20d8ab9b0933959b9 2007.1/x86_64/mozilla-firefox-fr-2.0.0.12-1mdv2007.1.x86_64.rpm d6a7795dcce490cac731e59989987b30 2007.1/x86_64/mozilla-firefox-fy-2.0.0.12-1mdv2007.1.x86_64.rpm 4c060eb74bc1d46ac492ae671c5507bd 2007.1/x86_64/mozilla-firefox-ga-2.0.0.12-1mdv2007.1.x86_64.rpm 62844d52a90dc6a9c28a454df93e0582 2007.1/x86_64/mozilla-firefox-gu_IN-2.0.0.12-1mdv2007.1.x86_64.rpm 9120e7c5436e0d729dd302f96c979967 2007.1/x86_64/mozilla-firefox-he-2.0.0.12-1mdv2007.1.x86_64.rpm 337d8a3ddc147972b8137d25dd884c37 2007.1/x86_64/mozilla-firefox-hu-2.0.0.12-1mdv2007.1.x86_64.rpm 3c93704f70f2b328228c773f57f94275 2007.1/x86_64/mozilla-firefox-it-2.0.0.12-1mdv2007.1.x86_64.rpm ccc3536e636482c5cc78b9fd255b7f46 2007.1/x86_64/mozilla-firefox-ja-2.0.0.12-1mdv2007.1.x86_64.rpm 5a5e4c41bd5069a93a535664255d452d 2007.1/x86_64/mozilla-firefox-ka-2.0.0.12-1mdv2007.1.x86_64.rpm 45a443556cb2e1bf89ba8400b9853ed6 2007.1/x86_64/mozilla-firefox-ko-2.0.0.12-1mdv2007.1.x86_64.rpm 6b8837513ae819d26f5dfe8b965f2e64 2007.1/x86_64/mozilla-firefox-ku-2.0.0.12-1mdv2007.1.x86_64.rpm b8f56a62ca7c5148e046915b7b06f3dd 2007.1/x86_64/mozilla-firefox-lt-2.0.0.12-1mdv2007.1.x86_64.rpm 3dc8413b89cc07e3a28e954bddf76a6d 2007.1/x86_64/mozilla-firefox-mk-2.0.0.12-1mdv2007.1.x86_64.rpm 4b16b86e7c13acfbe81a23f1075b8c79 2007.1/x86_64/mozilla-firefox-mn-2.0.0.12-1mdv2007.1.x86_64.rpm 95c62278ac3eb8ec53302f9b07622358 2007.1/x86_64/mozilla-firefox-nb_NO-2.0.0.12-1mdv2007.1.x86_64.rpm 61f0aeb307a99a9dcd14505a4c37bcee 2007.1/x86_64/mozilla-firefox-nl-2.0.0.12-1mdv2007.1.x86_64.rpm 974cc15e998b6a0da384f7da17795041 2007.1/x86_64/mozilla-firefox-nn_NO-2.0.0.12-1mdv2007.1.x86_64.rpm 15ba737cf9ced004ce71550ab3d9876b 2007.1/x86_64/mozilla-firefox-pa_IN-2.0.0.12-1mdv2007.1.x86_64.rpm 664f9a441cd31d92783ddc48e537ce4e 2007.1/x86_64/mozilla-firefox-pl-2.0.0.12-1mdv2007.1.x86_64.rpm d839b414d813ff733637121d5dfc9597 2007.1/x86_64/mozilla-firefox-pt_BR-2.0.0.12-1mdv2007.1.x86_64.rpm cc322abde304375cb3593656f439dd4a 2007.1/x86_64/mozilla-firefox-pt_PT-2.0.0.12-1mdv2007.1.x86_64.rpm 03ee8f92667603edc0dfbd3d25d98a91 2007.1/x86_64/mozilla-firefox-ro-2.0.0.12-1mdv2007.1.x86_64.rpm f0d1391e46f5ba33ae6b46f96afcbb62 2007.1/x86_64/mozilla-firefox-ru-2.0.0.12-1mdv2007.1.x86_64.rpm 2373c8b353b75a989409c95c8a3376b0 2007.1/x86_64/mozilla-firefox-sk-2.0.0.12-1mdv2007.1.x86_64.rpm 5a4e7d321490dbdae8f0d1c391033cf4 2007.1/x86_64/mozilla-firefox-sl-2.0.0.12-1mdv2007.1.x86_64.rpm 6e30e25e08cd23fa9783800aaeb17d38 2007.1/x86_64/mozilla-firefox-sv_SE-2.0.0.12-1mdv2007.1.x86_64.rpm 47f3e27f3e000924f81404f3cda222cc 2007.1/x86_64/mozilla-firefox-tr-2.0.0.12-1mdv2007.1.x86_64.rpm 2e843cc9a0ad5527f097840b3482e93d 2007.1/x86_64/mozilla-firefox-uk-2.0.0.12-1mdv2007.1.x86_64.rpm d6d560ef65a33e06222417ca0f25a69d 2007.1/x86_64/mozilla-firefox-zh_CN-2.0.0.12-1mdv2007.1.x86_64.rpm 6f023284f94e59d9a3a555147423c2fa 2007.1/x86_64/mozilla-firefox-zh_TW-2.0.0.12-1mdv2007.1.x86_64.rpm 9c244429f79868294786d3edb88b630d 2007.1/x86_64/totem-2.18.2-1.7mdv2007.1.x86_64.rpm 0839e08ff2af223b6ba3d80670af7961 2007.1/x86_64/totem-common-2.18.2-1.7mdv2007.1.x86_64.rpm de037eb59adf51a7d8dafbe1b65f01cd 2007.1/x86_64/totem-gstreamer-2.18.2-1.7mdv2007.1.x86_64.rpm 968247765ff758ddd93d38020604957d 2007.1/x86_64/totem-mozilla-2.18.2-1.7mdv2007.1.x86_64.rpm 40d3cb387ecf9f50e549065690b6577f 2007.1/x86_64/totem-mozilla-gstreamer-2.18.2-1.7mdv2007.1.x86_64.rpm 2b5ffacf78cf59f0d5bcd748c6cfc3b9 2007.1/x86_64/yelp-2.18.0-3.6mdv2007.1.x86_64.rpm 22d9b3b7e5698b47fccc3a6357fec6e4 2007.1/SRPMS/deskbar-applet-2.18.0-3.6mdv2007.1.src.rpm 3cf093179a5d711a1532960931d4c069 2007.1/SRPMS/devhelp-0.13-3.6mdv2007.1.src.rpm 824c26cd3bf015fa907e8c870b083297 2007.1/SRPMS/eclipse-3.2.2-3.4.4mdv2007.1.src.rpm 9c3cec104d4eda89c867added6371874 2007.1/SRPMS/epiphany-2.18.0-5.6mdv2007.1.src.rpm 1b6f481d3645ae3d5cb5765a7c456d2a 2007.1/SRPMS/epiphany-extensions-2.18.0-2.5mdv2007.1.src.rpm 759216aff8dc1d14d5de891bc7745d6f 2007.1/SRPMS/galeon-2.0.3-5.6mdv2007.1.src.rpm 3304dc108695e6197e6b30ee03a51a09 2007.1/SRPMS/gnome-python-extras-2.14.3-4.6mdv2007.1.src.rpm 478ad85c7863af6629ac7234debdfbfa 2007.1/SRPMS/mozilla-firefox-2.0.0.12-1.1mdv2007.1.src.rpm bd76471a2d41c2578b18939415e03b8e 2007.1/SRPMS/mozilla-firefox-l10n-2.0.0.12-1mdv2007.1.src.rpm 9747016f17a8f616419f1b7c4e49dc1f 2007.1/SRPMS/totem-2.18.2-1.7mdv2007.1.src.rpm f1d428e2757775ec76d83f3be78e6717 2007.1/SRPMS/yelp-2.18.0-3.6mdv2007.1.src.rpm

    Mandriva Linux 2008.0: b9ed3ce884f9bdc1bbc2ca45a69b49e9 2008.0/i586/devhelp-0.16-1.3mdv2008.0.i586.rpm ed2da3bc8550f42d071afe5cd5dcb626 2008.0/i586/devhelp-plugins-0.16-1.3mdv2008.0.i586.rpm 278b937377cab903ac69490711a8b928 2008.0/i586/eclipse-cvs-client-3.3.0-0.20.8.3mdv2008.0.i586.rpm 22d6fc428c6c1439da9b193de7f8bc13 2008.0/i586/eclipse-ecj-3.3.0-0.20.8.3mdv2008.0.i586.rpm 4cbee48cb9289a3275010e378c2156f5 2008.0/i586/eclipse-jdt-3.3.0-0.20.8.3mdv2008.0.i586.rpm 1d1d9fc56fbdf18e78c6ff5db0238758 2008.0/i586/eclipse-pde-3.3.0-0.20.8.3mdv2008.0.i586.rpm 5307ccd1f83a046923b488b2f939152c 2008.0/i586/eclipse-pde-runtime-3.3.0-0.20.8.3mdv2008.0.i586.rpm f7ec4b95c23f2b879ac5c1d807076429 2008.0/i586/eclipse-platform-3.3.0-0.20.8.3mdv2008.0.i586.rpm 6c03f1c0a1282323c29ecdd41124ec69 2008.0/i586/eclipse-rcp-3.3.0-0.20.8.3mdv2008.0.i586.rpm 298103c5cd25124cf033dc4306c9c9f5 2008.0/i586/epiphany-2.20.0-1.3mdv2008.0.i586.rpm 62dffadf7d2352111917c4c344aaba65 2008.0/i586/epiphany-devel-2.20.0-1.3mdv2008.0.i586.rpm 2f24d71af446fb3368c06791f0df09d0 2008.0/i586/galeon-2.0.3-7.3mdv2008.0.i586.rpm e722fe502740262bfd86f1d56baad8b4 2008.0/i586/gnome-python-extras-2.19.1-4.3mdv2008.0.i586.rpm 7fa422ad5d8fc5a22f18e1344de6a52e 2008.0/i586/gnome-python-gda-2.19.1-4.3mdv2008.0.i586.rpm 01b3b75cd0f61b6cede729ad0ce7049e 2008.0/i586/gnome-python-gda-devel-2.19.1-4.3mdv2008.0.i586.rpm b027bdacb4c54794a39941ed57eae603 2008.0/i586/gnome-python-gdl-2.19.1-4.3mdv2008.0.i586.rpm f03b3364360771482c3787e07eec7cb1 2008.0/i586/gnome-python-gksu-2.19.1-4.3mdv2008.0.i586.rpm 61b7e3bf96718d1b3f69c7975aa50304 2008.0/i586/gnome-python-gtkhtml2-2.19.1-4.3mdv2008.0.i586.rpm 1b3e7d7f72f8e6c7538ff1dc64f26e8c 2008.0/i586/gnome-python-gtkmozembed-2.19.1-4.3mdv2008.0.i586.rpm d02af7b90406fac43092c2081680d710 2008.0/i586/gnome-python-gtkspell-2.19.1-4.3mdv2008.0.i586.rpm 4ccf8f36d0458a428e9fb2345e94cfc2 2008.0/i586/libdevhelp-1-devel-0.16-1.3mdv2008.0.i586.rpm d02dc201a45281fcd871f84daa80564f 2008.0/i586/libdevhelp-1_0-0.16-1.3mdv2008.0.i586.rpm 4a6927720465de3b79a3497f2a578c2b 2008.0/i586/libmozilla-firefox-devel-2.0.0.12-1.1mdv2008.0.i586.rpm 844ea6862f575229557ce2f8a058432b 2008.0/i586/libmozilla-firefox2.0.0.12-2.0.0.12-1.1mdv2008.0.i586.rpm f450a3638c675dc92ff2ef0a685d11ee 2008.0/i586/libswt3-gtk2-3.3.0-0.20.8.3mdv2008.0.i586.rpm 445b0e3b0a8d3a078307938e72e2b78d 2008.0/i586/libtotem-plparser-devel-2.20.1-1.2mdv2008.0.i586.rpm 3a3c057314238103a36115fa71bb637f 2008.0/i586/libtotem-plparser7-2.20.1-1.2mdv2008.0.i586.rpm d56467de0ac9ea808080b0605909366e 2008.0/i586/mozilla-firefox-2.0.0.12-1.1mdv2008.0.i586.rpm 0711c8212df759437a176f8525560e6e 2008.0/i586/mozilla-firefox-af-2.0.0.12-1mdv2008.0.i586.rpm 15f1e548b0d2198742f4d358ad796a42 2008.0/i586/mozilla-firefox-ar-2.0.0.12-1mdv2008.0.i586.rpm 82fa5aea23785a60616c68a8ef7e5932 2008.0/i586/mozilla-firefox-be-2.0.0.12-1mdv2008.0.i586.rpm 96385f21854f261d354406257ae25362 2008.0/i586/mozilla-firefox-bg-2.0.0.12-1mdv2008.0.i586.rpm a148aa83b35eb670fedf19c80c0876a3 2008.0/i586/mozilla-firefox-br_FR-2.0.0.12-1mdv2008.0.i586.rpm ddb1086ba8de9dcea6fa3e561a2a7310 2008.0/i586/mozilla-firefox-ca-2.0.0.12-1mdv2008.0.i586.rpm 2023098fa5017553eddd2d780acc096f 2008.0/i586/mozilla-firefox-cs-2.0.0.12-1mdv2008.0.i586.rpm 60dab666392dc1b2e0ae9ba3d4be008b 2008.0/i586/mozilla-firefox-da-2.0.0.12-1mdv2008.0.i586.rpm b12a81d439f33c9f7b247e91500b2146 2008.0/i586/mozilla-firefox-de-2.0.0.12-1mdv2008.0.i586.rpm e41c11cf94981c0b7b3df390da495bc0 2008.0/i586/mozilla-firefox-el-2.0.0.12-1mdv2008.0.i586.rpm 569922ef1cf787bb1a695a63775d1389 2008.0/i586/mozilla-firefox-en_GB-2.0.0.12-1mdv2008.0.i586.rpm c5efdffee339eaf9d34bace8942888b4 2008.0/i586/mozilla-firefox-es_AR-2.0.0.12-1mdv2008.0.i586.rpm d151770d576f08c9204b13b3ea1559d9 2008.0/i586/mozilla-firefox-es_ES-2.0.0.12-1mdv2008.0.i586.rpm 946886a35d058f30de178938496ebe96 2008.0/i586/mozilla-firefox-et_EE-2.0.0.12-1mdv2008.0.i586.rpm 949d8575e900c1df357f2e9eef7a32ca 2008.0/i586/mozilla-firefox-eu-2.0.0.12-1mdv2008.0.i586.rpm 6f06703f8ee7d7ebfaa951eb9b935397 2008.0/i586/mozilla-firefox-ext-blogrovr-1.1.771-1.1mdv2008.0.i586.rpm 1a67631467fd5cdcd1fd63cd55807c0c 2008.0/i586/mozilla-firefox-ext-foxmarks-2.0.43-1mdv2008.0.i586.rpm 145d0c6bf0e6d5bacbdf63471844d3a7 2008.0/i586/mozilla-firefox-ext-scribefire-1.4.2-4.1mdv2008.0.i586.rpm 2e24c0bf13b81aef0524988a48c86c85 2008.0/i586/mozilla-firefox-fi-2.0.0.12-1mdv2008.0.i586.rpm bf859aba5985cd4f8de5d77097ce27ab 2008.0/i586/mozilla-firefox-fr-2.0.0.12-1mdv2008.0.i586.rpm 1e419bb831898aa7f7f280b101e33163 2008.0/i586/mozilla-firefox-fy-2.0.0.12-1mdv2008.0.i586.rpm 7e6411d52ce2a968274410514ca319d3 2008.0/i586/mozilla-firefox-ga-2.0.0.12-1mdv2008.0.i586.rpm 60cb492b459d4fc3fc076b8ac90013e8 2008.0/i586/mozilla-firefox-gnome-support-2.0.0.12-1.1mdv2008.0.i586.rpm 34cf05391500b866f1b0b4776046ab3f 2008.0/i586/mozilla-firefox-gu_IN-2.0.0.12-1mdv2008.0.i586.rpm 9b2954bd04ecc285f2535a828432d0df 2008.0/i586/mozilla-firefox-he-2.0.0.12-1mdv2008.0.i586.rpm 2356729d9b2e4b532838c7913ba30637 2008.0/i586/mozilla-firefox-hu-2.0.0.12-1mdv2008.0.i586.rpm d213db926f0959643649708ed4c4af61 2008.0/i586/mozilla-firefox-it-2.0.0.12-1mdv2008.0.i586.rpm 352161c8c2aa1943e791cc58f0e3c785 2008.0/i586/mozilla-firefox-ja-2.0.0.12-1mdv2008.0.i586.rpm 72465fe9a44aeeb74a6cfd412f9e708b 2008.0/i586/mozilla-firefox-ka-2.0.0.12-1mdv2008.0.i586.rpm 445861082658f826f76f01c8f48ce040 2008.0/i586/mozilla-firefox-ko-2.0.0.12-1mdv2008.0.i586.rpm b33adecf186e8301cd292075a699eef0 2008.0/i586/mozilla-firefox-ku-2.0.0.12-1mdv2008.0.i586.rpm 878a44794064d86bbc3a511fc9f94d1e 2008.0/i586/mozilla-firefox-lt-2.0.0.12-1mdv2008.0.i586.rpm 05bdf7d1f1d304f8e1e6aa2e990bd764 2008.0/i586/mozilla-firefox-mk-2.0.0.12-1mdv2008.0.i586.rpm b32ae7f6ad74c87d2efed37df2150967 2008.0/i586/mozilla-firefox-mn-2.0.0.12-1mdv2008.0.i586.rpm 8fdeb19e609e8334379bd7b13d88fcb6 2008.0/i586/mozilla-firefox-nb_NO-2.0.0.12-1mdv2008.0.i586.rpm 4e3f6d3a1030791d16855755489fead0 2008.0/i586/mozilla-firefox-nl-2.0.0.12-1mdv2008.0.i586.rpm 71d850481e225951fb6ed40501976174 2008.0/i586/mozilla-firefox-nn_NO-2.0.0.12-1mdv2008.0.i586.rpm 8d5bb6c37b32575fc34c4334be6e1842 2008.0/i586/mozilla-firefox-pa_IN-2.0.0.12-1mdv2008.0.i586.rpm 848747d8c1a6b48808a7f7c6148e1d26 2008.0/i586/mozilla-firefox-pl-2.0.0.12-1mdv2008.0.i586.rpm e1beba530c98af86e02164a948fcf08b 2008.0/i586/mozilla-firefox-pt_BR-2.0.0.12-1mdv2008.0.i586.rpm 3a9d3ef361497ee878f1f970a1916e2d 2008.0/i586/mozilla-firefox-pt_PT-2.0.0.12-1mdv2008.0.i586.rpm 994a4e5470f23522b3188de86b405edb 2008.0/i586/mozilla-firefox-ro-2.0.0.12-1mdv2008.0.i586.rpm 0862286c72978f7ed8ae34be4e0f3e4e 2008.0/i586/mozilla-firefox-ru-2.0.0.12-1mdv2008.0.i586.rpm 455ecd10092e5bec3904e72426cb7d17 2008.0/i586/mozilla-firefox-sk-2.0.0.12-1mdv2008.0.i586.rpm 49ea3406aeec377bf84d74e5407a9f9e 2008.0/i586/mozilla-firefox-sl-2.0.0.12-1mdv2008.0.i586.rpm 4e6074968ddd1ae114d3041c4742643d 2008.0/i586/mozilla-firefox-sv_SE-2.0.0.12-1mdv2008.0.i586.rpm 117e43ed744cf4363ccf9b7de9db90da 2008.0/i586/mozilla-firefox-tr-2.0.0.12-1mdv2008.0.i586.rpm f4b7a624f8b7cd2c91c1a3a5c82c4c86 2008.0/i586/mozilla-firefox-uk-2.0.0.12-1mdv2008.0.i586.rpm e023caab47e5409ae7892144b4603139 2008.0/i586/mozilla-firefox-zh_CN-2.0.0.12-1mdv2008.0.i586.rpm bfce9fb35e295b3aab1937a5930f94cd 2008.0/i586/mozilla-firefox-zh_TW-2.0.0.12-1mdv2008.0.i586.rpm 3faf9dcb53903cfc255c8a83b441376d 2008.0/i586/totem-2.20.1-1.2mdv2008.0.i586.rpm 37614ee5b5d3e141573e5d17d142d419 2008.0/i586/totem-common-2.20.1-1.2mdv2008.0.i586.rpm 5d894ec0e4e9695b5c45897be5a3fe41 2008.0/i586/totem-gstreamer-2.20.1-1.2mdv2008.0.i586.rpm bdda2275535580a00d87374804d8356a 2008.0/i586/totem-mozilla-2.20.1-1.2mdv2008.0.i586.rpm b5b144ef52b3d0c79cfea70098e593ee 2008.0/i586/totem-mozilla-gstreamer-2.20.1-1.2mdv2008.0.i586.rpm 131b7e638a900ef5483b238760b3ce7e 2008.0/i586/yelp-2.20.0-3.2mdv2008.0.i586.rpm fd64f784036f9a7a67ae7dc4bc840755 2008.0/SRPMS/devhelp-0.16-1.3mdv2008.0.src.rpm 483a9c4d9ae531f9b3586d3a2da2f8a2 2008.0/SRPMS/eclipse-3.3.0-0.20.8.3mdv2008.0.src.rpm 331b129d4ea2db89884b6531a8a7f58b 2008.0/SRPMS/epiphany-2.20.0-1.3mdv2008.0.src.rpm 3c7ab32d75b68e67a68b1933aa477fa9 2008.0/SRPMS/galeon-2.0.3-7.3mdv2008.0.src.rpm 4f71054efcad5f6ea4a41d3f003fd909 2008.0/SRPMS/gnome-python-extras-2.19.1-4.3mdv2008.0.src.rpm 64ec454e2292e0f3d39d1c3b23407957 2008.0/SRPMS/mozilla-firefox-2.0.0.12-1.1mdv2008.0.src.rpm b0f611d44d02a710ed8d868d745cca25 2008.0/SRPMS/mozilla-firefox-ext-blogrovr-1.1.771-1.1mdv2008.0.src.rpm 344da985922776256af6accfba04672a 2008.0/SRPMS/mozilla-firefox-ext-foxmarks-2.0.43-1mdv2008.0.src.rpm eb8583166df4ad6591d184af922824c3 2008.0/SRPMS/mozilla-firefox-ext-scribefire-1.4.2-4.1mdv2008.0.src.rpm 9c9ca299024b58a8c292c723724e4aa8 2008.0/SRPMS/mozilla-firefox-l10n-2.0.0.12-1mdv2008.0.src.rpm db53f00eaa8cc296f6cd1109fe45cc69 2008.0/SRPMS/totem-2.20.1-1.2mdv2008.0.src.rpm 4429b4db2e0c4d1f27abccc8e140023e 2008.0/SRPMS/yelp-2.20.0-3.2mdv2008.0.src.rpm

    Mandriva Linux 2008.0/X86_64: 7637b945a5a1d92d319929e6116fff90 2008.0/x86_64/devhelp-0.16-1.3mdv2008.0.x86_64.rpm e90b3b646f35eeb9ab56d5709139e44e 2008.0/x86_64/devhelp-plugins-0.16-1.3mdv2008.0.x86_64.rpm f637d11794273584bab7709f72a93bc8 2008.0/x86_64/eclipse-cvs-client-3.3.0-0.20.8.3mdv2008.0.x86_64.rpm 90d38b352269c8cd1830752e68222146 2008.0/x86_64/eclipse-ecj-3.3.0-0.20.8.3mdv2008.0.x86_64.rpm d9f6e45888de01e795f5d31fcc609d34 2008.0/x86_64/eclipse-jdt-3.3.0-0.20.8.3mdv2008.0.x86_64.rpm 8f2014eedbc9549489aaa9d3ccac141f 2008.0/x86_64/eclipse-pde-3.3.0-0.20.8.3mdv2008.0.x86_64.rpm 52268ee1aee89cc1fbbc39b9a49fa4a3 2008.0/x86_64/eclipse-pde-runtime-3.3.0-0.20.8.3mdv2008.0.x86_64.rpm e51c76c8f9304dd47e24e84954d2bad7 2008.0/x86_64/eclipse-platform-3.3.0-0.20.8.3mdv2008.0.x86_64.rpm f6d7a18638cf2264d90b82804dee0605 2008.0/x86_64/eclipse-rcp-3.3.0-0.20.8.3mdv2008.0.x86_64.rpm 2b14100415d56d45fd66a1038c03bc41 2008.0/x86_64/epiphany-2.20.0-1.3mdv2008.0.x86_64.rpm 18cec3625191d15787b77819c97992e0 2008.0/x86_64/epiphany-devel-2.20.0-1.3mdv2008.0.x86_64.rpm 672f2b365918d0d562a57451761f7175 2008.0/x86_64/galeon-2.0.3-7.3mdv2008.0.x86_64.rpm 620bcafdf53e73c4619c5a346c70a531 2008.0/x86_64/gnome-python-extras-2.19.1-4.3mdv2008.0.x86_64.rpm 1f954e8583d479e1921ec39e2842ed65 2008.0/x86_64/gnome-python-gda-2.19.1-4.3mdv2008.0.x86_64.rpm d2b51bd56abca2be983d4d54c741f6fd 2008.0/x86_64/gnome-python-gda-devel-2.19.1-4.3mdv2008.0.x86_64.rpm e5b9d75c878c43be0de65617a5c62dd8 2008.0/x86_64/gnome-python-gdl-2.19.1-4.3mdv2008.0.x86_64.rpm c39535f16de1822b3afcbafb38cdd067 2008.0/x86_64/gnome-python-gksu-2.19.1-4.3mdv2008.0.x86_64.rpm 982509689a28dbc301c3f65278639ec8 2008.0/x86_64/gnome-python-gtkhtml2-2.19.1-4.3mdv2008.0.x86_64.rpm 7e324bc741e70a3b560ac7657d36b424 2008.0/x86_64/gnome-python-gtkmozembed-2.19.1-4.3mdv2008.0.x86_64.rpm 9acc6d3c83cdb74954a281dc62899599 2008.0/x86_64/gnome-python-gtkspell-2.19.1-4.3mdv2008.0.x86_64.rpm fca20482c9fa5c36cc70ea4dbee013cf 2008.0/x86_64/lib64devhelp-1-devel-0.16-1.3mdv2008.0.x86_64.rpm 230116bc2d8c100fa6e79c751e8849e8 2008.0/x86_64/lib64devhelp-1_0-0.16-1.3mdv2008.0.x86_64.rpm a99787473640413505d74dd9af737c33 2008.0/x86_64/lib64mozilla-firefox-devel-2.0.0.12-1.1mdv2008.0.x86_64.rpm 7765387decd77b6cd678ba97a80aa212 2008.0/x86_64/lib64mozilla-firefox2.0.0.12-2.0.0.12-1.1mdv2008.0.x86_64.rpm f771f31ce21856d297af6b314e73bd6f 2008.0/x86_64/lib64totem-plparser-devel-2.20.1-1.2mdv2008.0.x86_64.rpm 8165c641a39c30be4147cbb006e6ce59 2008.0/x86_64/lib64totem-plparser7-2.20.1-1.2mdv2008.0.x86_64.rpm f9d8ede28ccc73d9c4e1eb42c3b529dd 2008.0/x86_64/libswt3-gtk2-3.3.0-0.20.8.3mdv2008.0.x86_64.rpm a2a62a67abf56f791fe8867de18c3d9f 2008.0/x86_64/mozilla-firefox-2.0.0.12-1.1mdv2008.0.x86_64.rpm ca37b76d4c340aa31f696f7539e0ea33 2008.0/x86_64/mozilla-firefox-af-2.0.0.12-1mdv2008.0.x86_64.rpm 03bba40715b886951b4809058c61446a 2008.0/x86_64/mozilla-firefox-ar-2.0.0.12-1mdv2008.0.x86_64.rpm b6ce56c92082b2e329941af2a48007f7 2008.0/x86_64/mozilla-firefox-be-2.0.0.12-1mdv2008.0.x86_64.rpm d9fb339dc9374c58b5652d71f2a90454 2008.0/x86_64/mozilla-firefox-bg-2.0.0.12-1mdv2008.0.x86_64.rpm ecb686040cfcc1741b0a328576214340 2008.0/x86_64/mozilla-firefox-br_FR-2.0.0.12-1mdv2008.0.x86_64.rpm 0554cc5ff06d136da6eb7e02d039eba2 2008.0/x86_64/mozilla-firefox-ca-2.0.0.12-1mdv2008.0.x86_64.rpm faf68eb0c9a52a58d98290b74c98d7a0 2008.0/x86_64/mozilla-firefox-cs-2.0.0.12-1mdv2008.0.x86_64.rpm 105febad3e8a142f1b5741e53b7623b7 2008.0/x86_64/mozilla-firefox-da-2.0.0.12-1mdv2008.0.x86_64.rpm a09f4b5117c11ca7415e0987471b3198 2008.0/x86_64/mozilla-firefox-de-2.0.0.12-1mdv2008.0.x86_64.rpm 9a4c5ebcb8fa0fd83f9b1b0448f74ff7 2008.0/x86_64/mozilla-firefox-el-2.0.0.12-1mdv2008.0.x86_64.rpm e3d73c78cfd7f50aaaa0c7c50ae26133 2008.0/x86_64/mozilla-firefox-en_GB-2.0.0.12-1mdv2008.0.x86_64.rpm 733628c57cf6a1165db3ba8cfda4632f 2008.0/x86_64/mozilla-firefox-es_AR-2.0.0.12-1mdv2008.0.x86_64.rpm 2af0226fcdae799c8e4d9844fba5a060 2008.0/x86_64/mozilla-firefox-es_ES-2.0.0.12-1mdv2008.0.x86_64.rpm 67144ddc8c9226bdbcbaa9d9255e02b3 2008.0/x86_64/mozilla-firefox-et_EE-2.0.0.12-1mdv2008.0.x86_64.rpm 92888bed6a4187ee27af85da7a96aba9 2008.0/x86_64/mozilla-firefox-eu-2.0.0.12-1mdv2008.0.x86_64.rpm 6eaa41c4a0bdde8f016beb06e719e57c 2008.0/x86_64/mozilla-firefox-ext-blogrovr-1.1.771-1.1mdv2008.0.x86_64.rpm f1453161a26e650c4172bf7a69dc2f52 2008.0/x86_64/mozilla-firefox-ext-foxmarks-2.0.43-1mdv2008.0.x86_64.rpm 3a7cbb41c223cc1eb64e70011a50a92e 2008.0/x86_64/mozilla-firefox-ext-scribefire-1.4.2-4.1mdv2008.0.x86_64.rpm 7d4987023db30662237b2dff17673112 2008.0/x86_64/mozilla-firefox-fi-2.0.0.12-1mdv2008.0.x86_64.rpm 665624041067cb596d20ac0fae0c56e1 2008.0/x86_64/mozilla-firefox-fr-2.0.0.12-1mdv2008.0.x86_64.rpm e371bf004aee3199dae4818f156cc2a8 2008.0/x86_64/mozilla-firefox-fy-2.0.0.12-1mdv2008.0.x86_64.rpm 8187e9e50111404689936a361edcb9e0 2008.0/x86_64/mozilla-firefox-ga-2.0.0.12-1mdv2008.0.x86_64.rpm b59b0c7598a9ff58d266ef445b60a6ea 2008.0/x86_64/mozilla-firefox-gnome-support-2.0.0.12-1.1mdv2008.0.x86_64.rpm 3da5205396822b8e7ddd189c9dede8db 2008.0/x86_64/mozilla-firefox-gu_IN-2.0.0.12-1mdv2008.0.x86_64.rpm b6540fa0265f001e1ec7ea34c8d62964 2008.0/x86_64/mozilla-firefox-he-2.0.0.12-1mdv2008.0.x86_64.rpm 2ee06f3b7c50e7556f9495fbd72e2400 2008.0/x86_64/mozilla-firefox-hu-2.0.0.12-1mdv2008.0.x86_64.rpm 1293fc5f1ecfd8f73ee14ce4cd38d89b 2008.0/x86_64/mozilla-firefox-it-2.0.0.12-1mdv2008.0.x86_64.rpm 0bb358710509fd6e3d62eb8d89fd8277 2008.0/x86_64/mozilla-firefox-ja-2.0.0.12-1mdv2008.0.x86_64.rpm f55afc6e06b1b1ffb81bb509fe1790c9 2008.0/x86_64/mozilla-firefox-ka-2.0.0.12-1mdv2008.0.x86_64.rpm 12f6237676be8832af1acf05ff64ebb2 2008.0/x86_64/mozilla-firefox-ko-2.0.0.12-1mdv2008.0.x86_64.rpm 12716873fa7cefc1ec056bdd82ae0667 2008.0/x86_64/mozilla-firefox-ku-2.0.0.12-1mdv2008.0.x86_64.rpm dd794d67a43611fc29e34c068ee775d3 2008.0/x86_64/mozilla-firefox-lt-2.0.0.12-1mdv2008.0.x86_64.rpm 40d0a5fcf19888cb0de6ff20a00b2a2c 2008.0/x86_64/mozilla-firefox-mk-2.0.0.12-1mdv2008.0.x86_64.rpm b240c1bcd60d2555c06134b166b356fa 2008.0/x86_64/mozilla-firefox-mn-2.0.0.12-1mdv2008.0.x86_64.rpm ce6bee8f71969e259e66fc5ccd72f668 2008.0/x86_64/mozilla-firefox-nb_NO-2.0.0.12-1mdv2008.0.x86_64.rpm f4620fd14b954c78709fcc01708f6053 2008.0/x86_64/mozilla-firefox-nl-2.0.0.12-1mdv2008.0.x86_64.rpm e7a51c8d25fc46637845172a96a7366d 2008.0/x86_64/mozilla-firefox-nn_NO-2.0.0.12-1mdv2008.0.x86_64.rpm cbd80830cf912bd3f0eb4b5e73de7c9b 2008.0/x86_64/mozilla-firefox-pa_IN-2.0.0.12-1mdv2008.0.x86_64.rpm b86fa8fb3a49c00bc909efaf22b8e7e2 2008.0/x86_64/mozilla-firefox-pl-2.0.0.12-1mdv2008.0.x86_64.rpm d5b445d81a5e497fefd3658bcbd76c9d 2008.0/x86_64/mozilla-firefox-pt_BR-2.0.0.12-1mdv2008.0.x86_64.rpm f6c7c3d82b2e46c0c53674b23bd9f610 2008.0/x86_64/mozilla-firefox-pt_PT-2.0.0.12-1mdv2008.0.x86_64.rpm c814c511adbc79d7506208c16964dd82 2008.0/x86_64/mozilla-firefox-ro-2.0.0.12-1mdv2008.0.x86_64.rpm 1dbfd204f8b7fdf1a1a3d8a318390982 2008.0/x86_64/mozilla-firefox-ru-2.0.0.12-1mdv2008.0.x86_64.rpm ff96c040977b5387ac143cb542954605 2008.0/x86_64/mozilla-firefox-sk-2.0.0.12-1mdv2008.0.x86_64.rpm 405bfe183faf8385603c18dba56e462b 2008.0/x86_64/mozilla-firefox-sl-2.0.0.12-1mdv2008.0.x86_64.rpm 09ada1b389808bcfc841b4bf2f58d3b7 2008.0/x86_64/mozilla-firefox-sv_SE-2.0.0.12-1mdv2008.0.x86_64.rpm 5883cf4f015b18e84942ad3b334835ce 2008.0/x86_64/mozilla-firefox-tr-2.0.0.12-1mdv2008.0.x86_64.rpm a7f9ee2ceb3b72c7e3855850b5b224d9 2008.0/x86_64/mozilla-firefox-uk-2.0.0.12-1mdv2008.0.x86_64.rpm 98171713d09ae8405d2d26eccb166352 2008.0/x86_64/mozilla-firefox-zh_CN-2.0.0.12-1mdv2008.0.x86_64.rpm 907b73fc00a166ab82c90cce9dcb2855 2008.0/x86_64/mozilla-firefox-zh_TW-2.0.0.12-1mdv2008.0.x86_64.rpm c55f978b69d6c6d0d272613f4d34c6bf 2008.0/x86_64/totem-2.20.1-1.2mdv2008.0.x86_64.rpm e7bf2fa7b63ba9217356f953a7d6e32a 2008.0/x86_64/totem-common-2.20.1-1.2mdv2008.0.x86_64.rpm f32ec045873ee9a1e4eada8f14ef370d 2008.0/x86_64/totem-gstreamer-2.20.1-1.2mdv2008.0.x86_64.rpm 268619b6747e69c4011760509d6c4249 2008.0/x86_64/totem-mozilla-2.20.1-1.2mdv2008.0.x86_64.rpm 83e2f72cbce5e5cf2a4fa037e843eddc 2008.0/x86_64/totem-mozilla-gstreamer-2.20.1-1.2mdv2008.0.x86_64.rpm ee8611f2b5580f819e2380b07ccf8879 2008.0/x86_64/yelp-2.20.0-3.2mdv2008.0.x86_64.rpm fd64f784036f9a7a67ae7dc4bc840755 2008.0/SRPMS/devhelp-0.16-1.3mdv2008.0.src.rpm 483a9c4d9ae531f9b3586d3a2da2f8a2 2008.0/SRPMS/eclipse-3.3.0-0.20.8.3mdv2008.0.src.rpm 331b129d4ea2db89884b6531a8a7f58b 2008.0/SRPMS/epiphany-2.20.0-1.3mdv2008.0.src.rpm 3c7ab32d75b68e67a68b1933aa477fa9 2008.0/SRPMS/galeon-2.0.3-7.3mdv2008.0.src.rpm 4f71054efcad5f6ea4a41d3f003fd909 2008.0/SRPMS/gnome-python-extras-2.19.1-4.3mdv2008.0.src.rpm 64ec454e2292e0f3d39d1c3b23407957 2008.0/SRPMS/mozilla-firefox-2.0.0.12-1.1mdv2008.0.src.rpm b0f611d44d02a710ed8d868d745cca25 2008.0/SRPMS/mozilla-firefox-ext-blogrovr-1.1.771-1.1mdv2008.0.src.rpm 344da985922776256af6accfba04672a 2008.0/SRPMS/mozilla-firefox-ext-foxmarks-2.0.43-1mdv2008.0.src.rpm eb8583166df4ad6591d184af922824c3 2008.0/SRPMS/mozilla-firefox-ext-scribefire-1.4.2-4.1mdv2008.0.src.rpm 9c9ca299024b58a8c292c723724e4aa8 2008.0/SRPMS/mozilla-firefox-l10n-2.0.0.12-1mdv2008.0.src.rpm db53f00eaa8cc296f6cd1109fe45cc69 2008.0/SRPMS/totem-2.20.1-1.2mdv2008.0.src.rpm 4429b4db2e0c4d1f27abccc8e140023e 2008.0/SRPMS/yelp-2.20.0-3.2mdv2008.0.src.rpm

    Corporate 3.0: 550dadd02da46677bd28e11be84af07c corporate/3.0/i586/libnspr4-2.0.0.12-0.1.C30mdk.i586.rpm 4878b838f7b58178db5c5810db1f9dce corporate/3.0/i586/libnspr4-devel-2.0.0.12-0.1.C30mdk.i586.rpm 43eff3ed0e41653190e4d3ae3579cda4 corporate/3.0/i586/libnspr4-static-devel-2.0.0.12-0.1.C30mdk.i586.rpm c1844362f249aca14692aba19bd0e11f corporate/3.0/i586/libnss3-2.0.0.12-0.1.C30mdk.i586.rpm 8beb45a5fc33b02bf4d148ae9e440414 corporate/3.0/i586/libnss3-devel-2.0.0.12-0.1.C30mdk.i586.rpm c9aa59e8bb3ac4b4984231d8f01a8505 corporate/3.0/i586/mozilla-firefox-2.0.0.12-0.1.C30mdk.i586.rpm b1baa8652f174fb7f7abed9b1745bf96 corporate/3.0/i586/mozilla-firefox-ar-2.0.0.12-0.1.C30mdk.i586.rpm ad5a0a4684cfee839501ecb025d547a2 corporate/3.0/i586/mozilla-firefox-bg-2.0.0.12-0.1.C30mdk.i586.rpm 26a215b87cd1112589a98544dd0ac41e corporate/3.0/i586/mozilla-firefox-br-2.0.0.12-0.1.C30mdk.i586.rpm 43860455bf9bc4bdc0058f6188eff583 corporate/3.0/i586/mozilla-firefox-ca-2.0.0.12-0.1.C30mdk.i586.rpm ff84769e6cc3e2c176eea3f1378b7f13 corporate/3.0/i586/mozilla-firefox-cs-2.0.0.12-0.1.C30mdk.i586.rpm 712e3c9a7e2c1f31a212a50b6a916d5b corporate/3.0/i586/mozilla-firefox-da-2.0.0.12-0.1.C30mdk.i586.rpm 21384ac68a9a158d05c8a113f657aba7 corporate/3.0/i586/mozilla-firefox-de-2.0.0.12-0.1.C30mdk.i586.rpm ff3b79ce5a8557d51215a95a91ce7a57 corporate/3.0/i586/mozilla-firefox-devel-2.0.0.12-0.1.C30mdk.i586.rpm 817f8ac7f07ca552507861270ab673b1 corporate/3.0/i586/mozilla-firefox-el-2.0.0.12-0.1.C30mdk.i586.rpm 9e4bf251eb7211e3c13c652470edd2f4 corporate/3.0/i586/mozilla-firefox-es-2.0.0.12-0.1.C30mdk.i586.rpm 50bce55b911214d0b6169fbc5b022f10 corporate/3.0/i586/mozilla-firefox-es_AR-2.0.0.12-0.1.C30mdk.i586.rpm a119c958b460012f0692de2e95d88dcc corporate/3.0/i586/mozilla-firefox-eu-2.0.0.12-0.1.C30mdk.i586.rpm d1563fb09d46065a4142c346e2b51f7a corporate/3.0/i586/mozilla-firefox-fi-2.0.0.12-0.1.C30mdk.i586.rpm e6683f7f2671ac6e391feb1856e07b4c corporate/3.0/i586/mozilla-firefox-fr-2.0.0.12-0.1.C30mdk.i586.rpm 32ed3343c587ce65670f8889215efd13 corporate/3.0/i586/mozilla-firefox-fy-2.0.0.12-0.1.C30mdk.i586.rpm 1b4949f6924352d891e267a372976ee7 corporate/3.0/i586/mozilla-firefox-ga-2.0.0.12-0.1.C30mdk.i586.rpm 2feaa589901cdd5814e178f93a67a9d2 corporate/3.0/i586/mozilla-firefox-gu_IN-2.0.0.12-0.1.C30mdk.i586.rpm e3dd4574d2c17e0dd0ab6c24e01a7ef0 corporate/3.0/i586/mozilla-firefox-he-2.0.0.12-0.1.C30mdk.i586.rpm 2bc8200cea954caeb99a101f15c82fa3 corporate/3.0/i586/mozilla-firefox-hu-2.0.0.12-0.1.C30mdk.i586.rpm e4089156af8dd0ef08a75896345c4abe corporate/3.0/i586/mozilla-firefox-it-2.0.0.12-0.1.C30mdk.i586.rpm 17b4af5dd41ffa19979372389bbe5894 corporate/3.0/i586/mozilla-firefox-ja-2.0.0.12-0.1.C30mdk.i586.rpm d360ae8b94e9f161654f0e1ad3db809a corporate/3.0/i586/mozilla-firefox-ko-2.0.0.12-0.1.C30mdk.i586.rpm 3e582e8d8b624d54fe07883213e20d90 corporate/3.0/i586/mozilla-firefox-lt-2.0.0.12-0.1.C30mdk.i586.rpm 7e490e7bcb8cda57769866a8b810e443 corporate/3.0/i586/mozilla-firefox-mk-2.0.0.12-0.1.C30mdk.i586.rpm f309b26c279b470d8337f65914674b89 corporate/3.0/i586/mozilla-firefox-nb-2.0.0.12-0.1.C30mdk.i586.rpm 720d18b177136d5d96910329d9f7ee25 corporate/3.0/i586/mozilla-firefox-nl-2.0.0.12-0.1.C30mdk.i586.rpm 24c61982d71a2d63bf71bb0faccf90a1 corporate/3.0/i586/mozilla-firefox-pa_IN-2.0.0.12-0.1.C30mdk.i586.rpm 036712e98bbbef9a7966dfbd81954866 corporate/3.0/i586/mozilla-firefox-pl-2.0.0.12-0.1.C30mdk.i586.rpm 0619996ce1e3dc99084c013100918c71 corporate/3.0/i586/mozilla-firefox-pt-2.0.0.12-0.1.C30mdk.i586.rpm 0f14d3385b03309473925c5b139afee3 corporate/3.0/i586/mozilla-firefox-pt_BR-2.0.0.12-0.1.C30mdk.i586.rpm b7cd96a7431cb825c7db41bb4c85cc0c corporate/3.0/i586/mozilla-firefox-ro-2.0.0.12-0.1.C30mdk.i586.rpm 0f22a5c8cc4ebe9c95965f7f6a35e25e corporate/3.0/i586/mozilla-firefox-ru-2.0.0.12-0.1.C30mdk.i586.rpm a1c92a73dbad5c475d76cf4eb8fe8947 corporate/3.0/i586/mozilla-firefox-sk-2.0.0.12-0.1.C30mdk.i586.rpm d0e46219f3bfb285d1aa5042a11c4c2f corporate/3.0/i586/mozilla-firefox-sl-2.0.0.12-0.1.C30mdk.i586.rpm 65fbb88b91f6f18faf6bfcd7637d99b9 corporate/3.0/i586/mozilla-firefox-sv-2.0.0.12-0.1.C30mdk.i586.rpm 1e6dd377fc1e89cf1b70faa96e234604 corporate/3.0/i586/mozilla-firefox-tr-2.0.0.12-0.1.C30mdk.i586.rpm 1aabd75d4be1b00ed69f61805737dc43 corporate/3.0/i586/mozilla-firefox-uk-2.0.0.12-0.1.C30mdk.i586.rpm 0f5612378dae917f0268326ad0036b87 corporate/3.0/i586/mozilla-firefox-zh_CN-2.0.0.12-0.1.C30mdk.i586.rpm 32f3121c6d0b5491057d1cfd3380a8b6 corporate/3.0/i586/mozilla-firefox-zh_TW-2.0.0.12-0.1.C30mdk.i586.rpm bc6071a867462a8f2a44aa4896530fe6 corporate/3.0/SRPMS/mozilla-firefox-2.0.0.12-0.1.C30mdk.src.rpm 3716609be655be6acb6f567c0eb7dbea corporate/3.0/SRPMS/mozilla-firefox-l10n-2.0.0.12-0.1.C30mdk.src.rpm

    Corporate 3.0/X86_64: 23db9d7edef5b8116b6f3cf853819461 corporate/3.0/x86_64/lib64nspr4-2.0.0.12-0.1.C30mdk.x86_64.rpm 0729f4ac4b61f25e3ae816e12acef5ea corporate/3.0/x86_64/lib64nspr4-devel-2.0.0.12-0.1.C30mdk.x86_64.rpm 54d5a161aeda3c3a1754f3b559eec78b corporate/3.0/x86_64/lib64nspr4-static-devel-2.0.0.12-0.1.C30mdk.x86_64.rpm 53339583f214c0cfa61966b2730d4676 corporate/3.0/x86_64/lib64nss3-2.0.0.12-0.1.C30mdk.x86_64.rpm a4a1bdc3da133c4d39950b865ebb6cab corporate/3.0/x86_64/lib64nss3-devel-2.0.0.12-0.1.C30mdk.x86_64.rpm c8476b439226f4db336d0500bbfcb441 corporate/3.0/x86_64/mozilla-firefox-2.0.0.12-0.1.C30mdk.x86_64.rpm 9562e49d98011a072ee5c1eb35ee42c7 corporate/3.0/x86_64/mozilla-firefox-ar-2.0.0.12-0.1.C30mdk.x86_64.rpm aa61d7753d91cf385ecf79a42e8e3aec corporate/3.0/x86_64/mozilla-firefox-bg-2.0.0.12-0.1.C30mdk.x86_64.rpm c8c27fcd9be3ee89f9aea52489bd8c03 corporate/3.0/x86_64/mozilla-firefox-br-2.0.0.12-0.1.C30mdk.x86_64.rpm 98eba3b228afab21f0c2df55a08b79d6 corporate/3.0/x86_64/mozilla-firefox-ca-2.0.0.12-0.1.C30mdk.x86_64.rpm cc3f2d7c0e3b5f4b893d63790c512636 corporate/3.0/x86_64/mozilla-firefox-cs-2.0.0.12-0.1.C30mdk.x86_64.rpm d7d36a8f27c362cec8b48dbff49fe46a corporate/3.0/x86_64/mozilla-firefox-da-2.0.0.12-0.1.C30mdk.x86_64.rpm ffe44e168f6524cd80ceb21207c88006 corporate/3.0/x86_64/mozilla-firefox-de-2.0.0.12-0.1.C30mdk.x86_64.rpm aaf6416b5ea970b3ef61b4b650f13867 corporate/3.0/x86_64/mozilla-firefox-devel-2.0.0.12-0.1.C30mdk.x86_64.rpm ebaa3a59ec5594164601c5968e6b128f corporate/3.0/x86_64/mozilla-firefox-el-2.0.0.12-0.1.C30mdk.x86_64.rpm ceb7ce9e4eccc391712bbec3737e1280 corporate/3.0/x86_64/mozilla-firefox-es-2.0.0.12-0.1.C30mdk.x86_64.rpm 1555aa2ecb1e8beb1949edd6e1672c9d corporate/3.0/x86_64/mozilla-firefox-es_AR-2.0.0.12-0.1.C30mdk.x86_64.rpm 68fa37147805715cfa1bc399c3a3ae12 corporate/3.0/x86_64/mozilla-firefox-eu-2.0.0.12-0.1.C30mdk.x86_64.rpm f50964fc639fd5b394b513c42c700076 corporate/3.0/x86_64/mozilla-firefox-fi-2.0.0.12-0.1.C30mdk.x86_64.rpm 3bc78e57665df763604b1f30329fad7e corporate/3.0/x86_64/mozilla-firefox-fr-2.0.0.12-0.1.C30mdk.x86_64.rpm 9e2139f1c4d6642be56727ac4bc9bc31 corporate/3.0/x86_64/mozilla-firefox-fy-2.0.0.12-0.1.C30mdk.x86_64.rpm 091b74c2f82f9b59d1b3b14ce8de6adb corporate/3.0/x86_64/mozilla-firefox-ga-2.0.0.12-0.1.C30mdk.x86_64.rpm c27e033bd501d9b09bc83f9d43be0442 corporate/3.0/x86_64/mozilla-firefox-gu_IN-2.0.0.12-0.1.C30mdk.x86_64.rpm 32f71e68bb9baacad0046e9d264ed141 corporate/3.0/x86_64/mozilla-firefox-he-2.0.0.12-0.1.C30mdk.x86_64.rpm 381fa53f3ea9ae644151f891e0688bbc corporate/3.0/x86_64/mozilla-firefox-hu-2.0.0.12-0.1.C30mdk.x86_64.rpm 5c3ae6486d80294e3838de7ea8dd343b corporate/3.0/x86_64/mozilla-firefox-it-2.0.0.12-0.1.C30mdk.x86_64.rpm f97e6f40ccb3928672726b6adabd83ac corporate/3.0/x86_64/mozilla-firefox-ja-2.0.0.12-0.1.C30mdk.x86_64.rpm 3516aab6dfbee80f7c38ad30988d200c corporate/3.0/x86_64/mozilla-firefox-ko-2.0.0.12-0.1.C30mdk.x86_64.rpm 035763a9668bb260b123850757a62144 corporate/3.0/x86_64/mozilla-firefox-lt-2.0.0.12-0.1.C30mdk.x86_64.rpm 97af652341c9904dfd11b3ed9264040c corporate/3.0/x86_64/mozilla-firefox-mk-2.0.0.12-0.1.C30mdk.x86_64.rpm 2f1324470036d1267a4ab4b0e08c4596 corporate/3.0/x86_64/mozilla-firefox-nb-2.0.0.12-0.1.C30mdk.x86_64.rpm e75ca84863e4d2c5fce1a4a455c0171f corporate/3.0/x86_64/mozilla-firefox-nl-2.0.0.12-0.1.C30mdk.x86_64.rpm c83fc2d11b218e35937ba8929ea4255d corporate/3.0/x86_64/mozilla-firefox-pa_IN-2.0.0.12-0.1.C30mdk.x86_64.rpm c183055127e20b1eb233ffe81b886817 corporate/3.0/x86_64/mozilla-firefox-pl-2.0.0.12-0.1.C30mdk.x86_64.rpm 3ebb35651e4705b782d0f4cdff5c64ee corporate/3.0/x86_64/mozilla-firefox-pt-2.0.0.12-0.1.C30mdk.x86_64.rpm 39a6d80360c585312f02a307b0840c2d corporate/3.0/x86_64/mozilla-firefox-pt_BR-2.0.0.12-0.1.C30mdk.x86_64.rpm 90f966ed0e5b6d549909d6ae619ee0e6 corporate/3.0/x86_64/mozilla-firefox-ro-2.0.0.12-0.1.C30mdk.x86_64.rpm 74e8392f29214ddef8f0369afed3265f corporate/3.0/x86_64/mozilla-firefox-ru-2.0.0.12-0.1.C30mdk.x86_64.rpm 57ea4a96ea3610ecbb438ff32ac9661a corporate/3.0/x86_64/mozilla-firefox-sk-2.0.0.12-0.1.C30mdk.x86_64.rpm df8f8377b181bb1f0b38c0575081f590 corporate/3.0/x86_64/mozilla-firefox-sl-2.0.0.12-0.1.C30mdk.x86_64.rpm f603bed6dbea7f856a992c15e2c4b248 corporate/3.0/x86_64/mozilla-firefox-sv-2.0.0.12-0.1.C30mdk.x86_64.rpm bff17af242fd945eb81e7a82482f6d6b corporate/3.0/x86_64/mozilla-firefox-tr-2.0.0.12-0.1.C30mdk.x86_64.rpm 297fa42612958e1e62f4d2509c0cac8f corporate/3.0/x86_64/mozilla-firefox-uk-2.0.0.12-0.1.C30mdk.x86_64.rpm fdfba5ea07d613b6e6c3449469af1d8a corporate/3.0/x86_64/mozilla-firefox-zh_CN-2.0.0.12-0.1.C30mdk.x86_64.rpm 93c97d643d6fa49221f6242617acfc15 corporate/3.0/x86_64/mozilla-firefox-zh_TW-2.0.0.12-0.1.C30mdk.x86_64.rpm bc6071a867462a8f2a44aa4896530fe6 corporate/3.0/SRPMS/mozilla-firefox-2.0.0.12-0.1.C30mdk.src.rpm 3716609be655be6acb6f567c0eb7dbea corporate/3.0/SRPMS/mozilla-firefox-l10n-2.0.0.12-0.1.C30mdk.src.rpm

    Corporate 4.0: 1d1711379f878dc9870bd4413e8e7f68 corporate/4.0/i586/libnspr4-2.0.0.12-0.1.20060mlcs4.i586.rpm 0d7f47aad1001d5131e9aa1de7629982 corporate/4.0/i586/libnspr4-devel-2.0.0.12-0.1.20060mlcs4.i586.rpm 4dc18c70a562094a2a35f6e4473860ce corporate/4.0/i586/libnspr4-static-devel-2.0.0.12-0.1.20060mlcs4.i586.rpm 07af2aec6447f914d2b35dec625b713f corporate/4.0/i586/libnss3-2.0.0.12-0.1.20060mlcs4.i586.rpm 089ae34703ea533c88191b886ed050a2 corporate/4.0/i586/libnss3-devel-2.0.0.12-0.1.20060mlcs4.i586.rpm 91c7705419d9ba1c6f0662e3bc363bf6 corporate/4.0/i586/mozilla-firefox-2.0.0.12-0.1.20060mlcs4.i586.rpm 7408018fbb857928a5af67ccb0e90886 corporate/4.0/i586/mozilla-firefox-af-2.0.0.12-0.1.20060mlcs4.i586.rpm 80f7f6d7f638005a44e570ed28507ea6 corporate/4.0/i586/mozilla-firefox-ar-2.0.0.12-0.1.20060mlcs4.i586.rpm 322684cd222712ce7fdc179ecd5f33b7 corporate/4.0/i586/mozilla-firefox-be-2.0.0.12-0.1.20060mlcs4.i586.rpm a7d1d5f436099bcad673f3bf3931c774 corporate/4.0/i586/mozilla-firefox-bg-2.0.0.12-0.1.20060mlcs4.i586.rpm c17e5bef41741156084573378cc68600 corporate/4.0/i586/mozilla-firefox-br_FR-2.0.0.12-0.1.20060mlcs4.i586.rpm 2a6ead1a302cfecc5faa8ea663c560da corporate/4.0/i586/mozilla-firefox-ca-2.0.0.12-0.1.20060mlcs4.i586.rpm 5695e1d5884f70f853522cee17e80ca5 corporate/4.0/i586/mozilla-firefox-cs-2.0.0.12-0.1.20060mlcs4.i586.rpm a478f4f622ffbb68551fc6dab3412b41 corporate/4.0/i586/mozilla-firefox-da-2.0.0.12-0.1.20060mlcs4.i586.rpm b573268e97885502650536df6d5e8d41 corporate/4.0/i586/mozilla-firefox-de-2.0.0.12-0.1.20060mlcs4.i586.rpm 047972e5977f81ede7b12737bc986016 corporate/4.0/i586/mozilla-firefox-devel-2.0.0.12-0.1.20060mlcs4.i586.rpm 7c166d1cf63e97c0dfc7fffa95c9c05a corporate/4.0/i586/mozilla-firefox-el-2.0.0.12-0.1.20060mlcs4.i586.rpm cebc280567909d6019221908ab8d8005 corporate/4.0/i586/mozilla-firefox-en_GB-2.0.0.12-0.1.20060mlcs4.i586.rpm 1f55d95a626c5e3e60f1835ec38f3030 corporate/4.0/i586/mozilla-firefox-es_AR-2.0.0.12-0.1.20060mlcs4.i586.rpm f3b8a973d1b877940228971660894755 corporate/4.0/i586/mozilla-firefox-es_ES-2.0.0.12-0.1.20060mlcs4.i586.rpm 8b062bf830d02da9b0633fb5b0d8694b corporate/4.0/i586/mozilla-firefox-et_EE-2.0.0.12-0.1.20060mlcs4.i586.rpm 99155f12e37fa7f0d233afbf7e6eb77c corporate/4.0/i586/mozilla-firefox-eu-2.0.0.12-0.1.20060mlcs4.i586.rpm 101d3e38b83859fdccd147befe69e323 corporate/4.0/i586/mozilla-firefox-fi-2.0.0.12-0.1.20060mlcs4.i586.rpm 591382083fd187a78b807f2058a47500 corporate/4.0/i586/mozilla-firefox-fr-2.0.0.12-0.1.20060mlcs4.i586.rpm 31c0256fd7f5611dcadac9d65299e4d1 corporate/4.0/i586/mozilla-firefox-fy-2.0.0.12-0.1.20060mlcs4.i586.rpm 88ddcd6d685311d4935eb9c920df7f5a corporate/4.0/i586/mozilla-firefox-ga-2.0.0.12-0.1.20060mlcs4.i586.rpm f16d908c50d3367edf84d8f57ab98658 corporate/4.0/i586/mozilla-firefox-gu_IN-2.0.0.12-0.1.20060mlcs4.i586.rpm de1d6367ee761e4795a479b56e386db7 corporate/4.0/i586/mozilla-firefox-he-2.0.0.12-0.1.20060mlcs4.i586.rpm 77aec187f4ed84e887c0a7f309f4b392 corporate/4.0/i586/mozilla-firefox-hu-2.0.0.12-0.1.20060mlcs4.i586.rpm 282b43d2d3588e402f543db6e04f2f0f corporate/4.0/i586/mozilla-firefox-it-2.0.0.12-0.1.20060mlcs4.i586.rpm b47cc4f29ae05002de87dec506629da4 corporate/4.0/i586/mozilla-firefox-ja-2.0.0.12-0.1.20060mlcs4.i586.rpm 293674a0d6da859c704bbf810ec70058 corporate/4.0/i586/mozilla-firefox-ka-2.0.0.12-0.1.20060mlcs4.i586.rpm 545f8f041f6b9261e82a4aac2cb43252 corporate/4.0/i586/mozilla-firefox-ko-2.0.0.12-0.1.20060mlcs4.i586.rpm c302d3b9648c5000e3f7901bb4bee1f3 corporate/4.0/i586/mozilla-firefox-ku-2.0.0.12-0.1.20060mlcs4.i586.rpm 731481cef1ae784c12cbc315578cccc4 corporate/4.0/i586/mozilla-firefox-lt-2.0.0.12-0.1.20060mlcs4.i586.rpm dd7c48caf2f47bdf798b59ea3ae559f0 corporate/4.0/i586/mozilla-firefox-mk-2.0.0.12-0.1.20060mlcs4.i586.rpm 5b253e55912e1a02d6f0dc83b553dbc9 corporate/4.0/i586/mozilla-firefox-mn-2.0.0.12-0.1.20060mlcs4.i586.rpm cd40523fa6a2d66fe7da492ffe4ad14e corporate/4.0/i586/mozilla-firefox-nb_NO-2.0.0.12-0.1.20060mlcs4.i586.rpm f2a96a4a1164c6e2fa15fb9f679f7b09 corporate/4.0/i586/mozilla-firefox-nl-2.0.0.12-0.1.20060mlcs4.i586.rpm 06cc7a4e01a22db0d2245c28310f30cf corporate/4.0/i586/mozilla-firefox-nn_NO-2.0.0.12-0.1.20060mlcs4.i586.rpm f775f685d33f5f72db3e38b126818981 corporate/4.0/i586/mozilla-firefox-pa_IN-2.0.0.12-0.1.20060mlcs4.i586.rpm 43a81c2218d37a9d78426616805db926 corporate/4.0/i586/mozilla-firefox-pl-2.0.0.12-0.1.20060mlcs4.i586.rpm 4663ab7aa12e2d3b76dba84708023fe1 corporate/4.0/i586/mozilla-firefox-pt_BR-2.0.0.12-0.1.20060mlcs4.i586.rpm 54471048e1c8cb1db9a7b4969bf2746e corporate/4.0/i586/mozilla-firefox-pt_PT-2.0.0.12-0.1.20060mlcs4.i586.rpm 8254befda8ff5971ceb82c10401d635b corporate/4.0/i586/mozilla-firefox-ro-2.0.0.12-0.1.20060mlcs4.i586.rpm 3b046ee77e70b291e7c59c01be14bc03 corporate/4.0/i586/mozilla-firefox-ru-2.0.0.12-0.1.20060mlcs4.i586.rpm c657ff4c7aee04107a1ff720c308af1f corporate/4.0/i586/mozilla-firefox-sk-2.0.0.12-0.1.20060mlcs4.i586.rpm e20b0dfc4235bc5f970de1f788875f62 corporate/4.0/i586/mozilla-firefox-sl-2.0.0.12-0.1.20060mlcs4.i586.rpm 017b941dd46c33b86b89b59b52488648 corporate/4.0/i586/mozilla-firefox-sv_SE-2.0.0.12-0.1.20060mlcs4.i586.rpm 548ff5316add85b2242194931546b211 corporate/4.0/i586/mozilla-firefox-tr-2.0.0.12-0.1.20060mlcs4.i586.rpm d0a98b2311dcffe4f4aaa9cb18af9c59 corporate/4.0/i586/mozilla-firefox-uk-2.0.0.12-0.1.20060mlcs4.i586.rpm 1f9348318f243fe9125a01e68fb3a621 corporate/4.0/i586/mozilla-firefox-zh_CN-2.0.0.12-0.1.20060mlcs4.i586.rpm ef213595b8e62754329e80e9b3482eb1 corporate/4.0/i586/mozilla-firefox-zh_TW-2.0.0.12-0.1.20060mlcs4.i586.rpm e9a3ebed36c203507377ceda77761c7f corporate/4.0/SRPMS/mozilla-firefox-2.0.0.12-0.1.20060mlcs4.src.rpm 239d3534086a45aec6b748c8a392848d corporate/4.0/SRPMS/mozilla-firefox-l10n-2.0.0.12-0.1.20060mlcs4.src.rpm

    Corporate 4.0/X86_64: 6f27683c589e7cfe916aea2acc9ea4c5 corporate/4.0/x86_64/lib64nspr4-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 0b49dc9f56bfdbcab6667c317cd09d20 corporate/4.0/x86_64/lib64nspr4-devel-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 3b30beb9068bb3c4c93a2851efe5a072 corporate/4.0/x86_64/lib64nspr4-static-devel-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 1b1317be6976c1813bad0fae43195672 corporate/4.0/x86_64/lib64nss3-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 4462f8c4edae09073be451aa5687a9d5 corporate/4.0/x86_64/lib64nss3-devel-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 7a09a6157916830003822a98fe6cfacb corporate/4.0/x86_64/mozilla-firefox-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 0d65bb5086ea4a27857d6a2b9c06fd28 corporate/4.0/x86_64/mozilla-firefox-af-2.0.0.12-0.1.20060mlcs4.x86_64.rpm a73e472c10837caa909e4757c8a38a13 corporate/4.0/x86_64/mozilla-firefox-ar-2.0.0.12-0.1.20060mlcs4.x86_64.rpm c1d2fc656d5480c7efe54206e0cba359 corporate/4.0/x86_64/mozilla-firefox-be-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 187a400e7cba77d1d557ad1661c89f70 corporate/4.0/x86_64/mozilla-firefox-bg-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 848f364c27f60a1b57f651a11fd7bfc9 corporate/4.0/x86_64/mozilla-firefox-br_FR-2.0.0.12-0.1.20060mlcs4.x86_64.rpm fc687b68c63ad17b029aaf40b09081bd corporate/4.0/x86_64/mozilla-firefox-ca-2.0.0.12-0.1.20060mlcs4.x86_64.rpm e0f608bc089b65b7d8f4c39e70fdb07f corporate/4.0/x86_64/mozilla-firefox-cs-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 757e556773ac9d8daca19a8ee900d852 corporate/4.0/x86_64/mozilla-firefox-da-2.0.0.12-0.1.20060mlcs4.x86_64.rpm e29b10677a086988ce206e2ea8046176 corporate/4.0/x86_64/mozilla-firefox-de-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 469fff1b83157501441463e6d448a5db corporate/4.0/x86_64/mozilla-firefox-devel-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 883b2bfccc861c66d87ee2d743ccdcfb corporate/4.0/x86_64/mozilla-firefox-el-2.0.0.12-0.1.20060mlcs4.x86_64.rpm df11d3c06d75e44370f5c4d51aec25a3 corporate/4.0/x86_64/mozilla-firefox-en_GB-2.0.0.12-0.1.20060mlcs4.x86_64.rpm ca1e033902408029c4fd40af3be1884e corporate/4.0/x86_64/mozilla-firefox-es_AR-2.0.0.12-0.1.20060mlcs4.x86_64.rpm abc14977ab3e412fc421d36b1f5e5a05 corporate/4.0/x86_64/mozilla-firefox-es_ES-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 771b80cadf087492fe3322b7a6f7f66f corporate/4.0/x86_64/mozilla-firefox-et_EE-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 15a19b591c1349aed2021869e2a4c66f corporate/4.0/x86_64/mozilla-firefox-eu-2.0.0.12-0.1.20060mlcs4.x86_64.rpm d93321763495ff74aea00cee5dc084db corporate/4.0/x86_64/mozilla-firefox-fi-2.0.0.12-0.1.20060mlcs4.x86_64.rpm aa1fc91f9e645543766005a4752778dd corporate/4.0/x86_64/mozilla-firefox-fr-2.0.0.12-0.1.20060mlcs4.x86_64.rpm eddf29eeda44341e9cc838f1c6b24d19 corporate/4.0/x86_64/mozilla-firefox-fy-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 2e838ecca5557cc805641c3d0a285011 corporate/4.0/x86_64/mozilla-firefox-ga-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 4809fd91537881354a71fc93ff98449c corporate/4.0/x86_64/mozilla-firefox-gu_IN-2.0.0.12-0.1.20060mlcs4.x86_64.rpm a1617c1c7ae11b0a59e4c20e28b32559 corporate/4.0/x86_64/mozilla-firefox-he-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 2d1a864a44662e615dd169969cdac87a corporate/4.0/x86_64/mozilla-firefox-hu-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 9daafb45ed2580d3aa942fb9c2724afa corporate/4.0/x86_64/mozilla-firefox-it-2.0.0.12-0.1.20060mlcs4.x86_64.rpm a9b48b99056e9357e8f93234ffc35ddd corporate/4.0/x86_64/mozilla-firefox-ja-2.0.0.12-0.1.20060mlcs4.x86_64.rpm c16c37481ea46a9cd9925cb6a817c1c3 corporate/4.0/x86_64/mozilla-firefox-ka-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 228fa42007d14c1b14e9de4baf5dd736 corporate/4.0/x86_64/mozilla-firefox-ko-2.0.0.12-0.1.20060mlcs4.x86_64.rpm a1943be2528497fce78f3e046a75e133 corporate/4.0/x86_64/mozilla-firefox-ku-2.0.0.12-0.1.20060mlcs4.x86_64.rpm a36832b9cb2d40e20001ef05c7976ddc corporate/4.0/x86_64/mozilla-firefox-lt-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 0556b33cd92d1d98ffb76b75f00ea560 corporate/4.0/x86_64/mozilla-firefox-mk-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 94962bae734a9f359faf26c98db1ac0b corporate/4.0/x86_64/mozilla-firefox-mn-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 6327ba03cbceb74e666dd777511d2a20 corporate/4.0/x86_64/mozilla-firefox-nb_NO-2.0.0.12-0.1.20060mlcs4.x86_64.rpm aaa50342a183c21a0fb8e9971e47906e corporate/4.0/x86_64/mozilla-firefox-nl-2.0.0.12-0.1.20060mlcs4.x86_64.rpm a2433065a1d07f75399737767c455f7e corporate/4.0/x86_64/mozilla-firefox-nn_NO-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 214139bf12caf296595593ab5482d0e5 corporate/4.0/x86_64/mozilla-firefox-pa_IN-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 2e4fe93846ddfcbb40418de9cc8e2fad corporate/4.0/x86_64/mozilla-firefox-pl-2.0.0.12-0.1.20060mlcs4.x86_64.rpm ec0005d0f605c13b271c462d8a1e3803 corporate/4.0/x86_64/mozilla-firefox-pt_BR-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 26e0d940070213998d15c6de8cd4a2e3 corporate/4.0/x86_64/mozilla-firefox-pt_PT-2.0.0.12-0.1.20060mlcs4.x86_64.rpm dd357d608e05e3b3690916ac18658d60 corporate/4.0/x86_64/mozilla-firefox-ro-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 2517bd66238ea45344c179dc040b3e35 corporate/4.0/x86_64/mozilla-firefox-ru-2.0.0.12-0.1.20060mlcs4.x86_64.rpm a36da3c0bdd8b7b795c8231dbe38ef0e corporate/4.0/x86_64/mozilla-firefox-sk-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 81da62c563e988f6774e92f7bb89ec08 corporate/4.0/x86_64/mozilla-firefox-sl-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 049a3781090a939f28ea96feda01dc43 corporate/4.0/x86_64/mozilla-firefox-sv_SE-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 464a604c992f8c6e6ac2e9b30deec767 corporate/4.0/x86_64/mozilla-firefox-tr-2.0.0.12-0.1.20060mlcs4.x86_64.rpm e893954f8e64d1e9d0750e22a5ec2eae corporate/4.0/x86_64/mozilla-firefox-uk-2.0.0.12-0.1.20060mlcs4.x86_64.rpm 4e176083661abe3e461e43381659146e corporate/4.0/x86_64/mozilla-firefox-zh_CN-2.0.0.12-0.1.20060mlcs4.x86_64.rpm b030162e1689f266f9d11d537546d50f corporate/4.0/x86_64/mozilla-firefox-zh_TW-2.0.0.12-0.1.20060mlcs4.x86_64.rpm e9a3ebed36c203507377ceda77761c7f corporate/4.0/SRPMS/mozilla-firefox-2.0.0.12-0.1.20060mlcs4.src.rpm 239d3534086a45aec6b748c8a392848d corporate/4.0/SRPMS/mozilla-firefox-l10n-2.0.0.12-0.1.20060mlcs4.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

    gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

    You can view other update advisories for Mandriva Linux at:

    http://www.mandriva.com/security/advisories

    If you want to report vulnerabilities, please contact

    security_(at)_mandriva.com


    Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (GNU/Linux)

    iD8DBQFHvzANmqjQ0CJFipgRAnAJAJ9WP5c754QfYoGIwYl7Q+g7bYtvkACgys8n LD1VivpQi4F20e4H0MamS58= =oe/t -----END PGP SIGNATURE-----


    Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "mozilla",
            "version": "1.0.8"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "mozilla",
            "version": "1.0.7"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "mozilla",
            "version": "1.0.5"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "mozilla",
            "version": "1.0.3"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "mozilla",
            "version": "1.0.2"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "mozilla",
            "version": "1.0.1"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "mozilla",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "mozilla",
            "version": "2.0.0.11"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "mozilla",
            "version": "1.1.7"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "mozilla",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "mozilla",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "mozilla",
            "version": "1.5.0.7"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "mozilla",
            "version": "1.5.0.5"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "mozilla",
            "version": "1.5.0.4"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "mozilla",
            "version": "1.5.0.2"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "mozilla",
            "version": "1.5.0.14"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "mozilla",
            "version": "1.5.0.12"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "mozilla",
            "version": "1.1.6"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "mozilla",
            "version": "1.1.2"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "mozilla",
            "version": "1.1.1"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "mozilla",
            "version": "1.0.9"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "mozilla",
            "version": "1.0.6"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "mozilla",
            "version": "2.0.0.2"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "0.4"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "0.9.3"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "0.9"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "2.0.0.5"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "1.5.0.6"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "2.0.0.1"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "2.0.0.8"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "2.0.0.11"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "0.9"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "0.1"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "0.9.1"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "0.1"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "1.0.5"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "1.0.5"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "1.5.0.4"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "0.5"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "0.3"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "2.0.0.0"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "2.0.0.9"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "1.0.2"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "1.5.0.7"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "1.5.0.2"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "2.0.0.9"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "2.0.0.6"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "0.2"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "0.6.1"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "1.0.3"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "1.5.0.1"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "0.7"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "1.5.0.10"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "0.7"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "2.0.0.7"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "1.0.8"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "1.5.0.13"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "1.0.8"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "0.8"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "0.8"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "1.5.0.9"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "1.5.0.12"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "0.6"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "1.5.0.9"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "0.6"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "0.9.2"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "2.0.0.10"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "0.5"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "1.0.6"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "2.0.0.4"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mozilla",
            "version": "0.7.1"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "(sparc)"
          },
          {
            "_id": null,
            "model": "opensolaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "(x86)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "10 (sparc)"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sun microsystems",
            "version": "10 (x86)"
          },
          {
            "_id": null,
            "model": "turbolinux fuji",
            "scope": null,
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": null
          },
          {
            "_id": null,
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "11"
          },
          {
            "_id": null,
            "model": "turbolinux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": "11 (x64)"
          },
          {
            "_id": null,
            "model": "wizpy",
            "scope": null,
            "trust": 0.8,
            "vendor": "turbo linux",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "2.1 (as)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "2.1 (es)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "2.1 (ws)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (as)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (es)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (ws)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (as)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (es)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (ws)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (server)"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5.0 (client)"
          },
          {
            "_id": null,
            "model": "linux advanced workstation",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "rhel desktop workstation",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (client)"
          },
          {
            "_id": null,
            "model": "rhel optional productivity applications",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (server)"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.04"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.04"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.04"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "7.04"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.10"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.10"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.10"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.10"
          },
          {
            "_id": null,
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "solaris 10 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "solaris 10 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "hat fedora",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "7"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "hat enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "4"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "software opera web browser beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "9.50"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.9"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.8"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.6"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.5"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.4"
          },
          {
            "_id": null,
            "model": "thunderbird beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.52"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.9"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.13"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.0.8"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.0.10"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.0.1"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.1.7"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.1.5"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.1.4"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.1.3"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.0.99"
          },
          {
            "_id": null,
            "model": "seamonkey beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "seamonkey dev",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.9"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.8"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.7"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.6"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.5"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.4"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.3"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.10"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.0.11"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "opera",
            "version": "9.25"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "opera",
            "version": "9.24"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.12"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.0.12"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "27826"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200802-144"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001134"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-0420"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:mozilla:firefox",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:mozilla:seamonkey",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:sun:opensolaris",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:sun:solaris",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_fuji",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:turbolinux:turbolinux_wizpy",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_optional_productivity_applications",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001134"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Gynvael Coldwind",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200802-144"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2008-0420",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2008-0420",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 7.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2008-0420",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "VHN-30545",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2008-0420",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2008-0420",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200802-144",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-30545",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-30545"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200802-144"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001134"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-0420"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 does not properly perform certain calculations related to the mColors table, which allows remote attackers to read portions of memory uninitialized via a crafted 8-bit bitmap (BMP) file that triggers an out-of-bounds read within the heap, as demonstrated using a CANVAS element; or cause a denial of service (application crash) via a crafted 8-bit bitmap file that triggers an out-of-bounds read. NOTE: the initial public reports stated that this affected Firefox in Ubuntu 6.06 through 7.10. Firefox and Opera browsers are prone to a vulnerability that can result in information disclosure or a denial of service. \nAn attacker can exploit this issue to harvest sensitive information that may be used to launch further attacks or to crash the affected application, denying service to legitimate users. \nMozilla Firefox 2.0.0.11 and Opera 9.50 Beta are affected. This vulnerability is related to CVE-2008-0420. The upstream\nfixes were incomplete, and after performing certain actions Thunderbird\nwould crash due to memory errors. This update fixes the problem. \n\nWe apologize for the inconvenience. \n\nOriginal advisory details:\n\n It was discovered that Thunderbird did not properly set the size of a\n buffer when parsing an external-body MIME-type. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 200805-18\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n  Severity: Normal\n     Title: Mozilla products: Multiple vulnerabilities\n      Date: May 20, 2008\n      Bugs: #208128, #214816, #218065\n        ID: 200805-18\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been reported in Mozilla Firefox,\nThunderbird, SeaMonkey and XULRunner, some of which may allow\nuser-assisted execution of arbitrary code. \n\nBackground\n==========\n\nMozilla Firefox is an open-source web browser and Mozilla Thunderbird\nan open-source email client, both from the Mozilla Project. The\nSeaMonkey project is a community effort to deliver production-quality\nreleases of code derived from the application formerly known as the\n\u0027Mozilla Application Suite\u0027. XULRunner is a Mozilla runtime package\nthat can be used to bootstrap XUL+XPCOM applications like Firefox and\nThunderbird. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package                  /  Vulnerable  /              Unaffected\n    -------------------------------------------------------------------\n  1  mozilla-firefox             \u003c 2.0.0.14                \u003e= 2.0.0.14\n  2  mozilla-firefox-bin         \u003c 2.0.0.14                \u003e= 2.0.0.14\n  3  mozilla-thunderbird         \u003c 2.0.0.14                \u003e= 2.0.0.14\n  4  mozilla-thunderbird-bin     \u003c 2.0.0.14                \u003e= 2.0.0.14\n  5  seamonkey                   \u003c 1.1.9-r1                \u003e= 1.1.9-r1\n  6  seamonkey-bin                 \u003c 1.1.9                    \u003e= 1.1.9\n  7  xulrunner                   \u003c 1.8.1.14                \u003e= 1.8.1.14\n    -------------------------------------------------------------------\n     7 affected packages on all of their supported architectures. \n    -------------------------------------------------------------------\n\nDescription\n===========\n\nThe following vulnerabilities were reported in all mentioned Mozilla\nproducts:\n\n* Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren, and\n  Paul Nickerson reported browser crashes related to JavaScript\n  methods, possibly triggering memory corruption (CVE-2008-0412). \n\n* Carsten Book, Wesley Garland, Igor Bukanov, moz_bug_r_a4, shutdown,\n  Philip Taylor, and tgirmann reported crashes in the JavaScript\n  engine, possibly triggering memory corruption (CVE-2008-0413). \n\n* David Bloom discovered a vulnerability in the way images are\n  treated by the browser when a user leaves a page, possibly triggering\n  memory corruption (CVE-2008-0419). \n\n* moz_bug_r_a4, Boris Zbarsky, and Johnny Stenback reported a series\n  of privilege escalation vulnerabilities related to JavaScript\n  (CVE-2008-1233, CVE-2008-1234, CVE-2008-1235). \n\n* Mozilla developers identified browser crashes caused by the layout\n  and JavaScript engines, possibly triggering memory corruption\n  (CVE-2008-1236, CVE-2008-1237). \n\n* moz_bug_r_a4 and Boris Zbarsky discovered that pages could escape\n  from its sandboxed context and run with chrome privileges, and inject\n  script content into another site, violating the browser\u0027s same origin\n  policy (CVE-2008-0415). \n\n* Gerry Eisenhaur discovered a directory traversal vulnerability when\n  using \"flat\" addons (CVE-2008-0418). \n\n* Alexey Proskuryakov, Yosuke Hasegawa and Simon Montagu reported\n  multiple character handling flaws related to the backspace character,\n  the \"0x80\" character, involving zero-length non-ASCII sequences in\n  multiple character sets, that could facilitate Cross-Site Scripting\n  attacks (CVE-2008-0416). \n\nThe following vulnerability was reported in Thunderbird and SeaMonkey:\n\n* regenrecht (via iDefense) reported a heap-based buffer overflow\n  when rendering an email message with an external MIME body\n  (CVE-2008-0304). \n\nThe following vulnerabilities were reported in Firefox, SeaMonkey and\nXULRunner:\n\n* The fix for CVE-2008-1237 in Firefox 2.0.0.13 and SeaMonkey 1.1.9\n  introduced a new crash vulnerability (CVE-2008-1380). \n\n* hong and Gregory Fleischer each reported a variant on earlier\n  reported bugs regarding focus shifting in file input controls\n  (CVE-2008-0414). \n\n* Gynvael Coldwind (Vexillium) discovered that BMP images could be\n  used to reveal uninitialized memory, and that this data could be\n  extracted using a \"canvas\" feature (CVE-2008-0420). \n\n* Chris Thomas reported that background tabs could create a\n  borderless XUL pop-up in front of pages in other tabs\n  (CVE-2008-1241). \n\n* oo.rio.oo discovered that a plain text file with a\n  \"Content-Disposition: attachment\" prevents Firefox from rendering\n  future plain text files within the browser (CVE-2008-0592). \n\n* Martin Straka reported that the \".href\" property of stylesheet DOM\n  nodes is modified to the final URI of a 302 redirect, bypassing the\n  same origin policy (CVE-2008-0593). \n\n* Gregory Fleischer discovered that under certain circumstances,\n  leading characters from the hostname part of the \"Referer:\" HTTP\n  header are removed (CVE-2008-1238). \n\n* Peter Brodersen and Alexander Klink reported that the browser\n  automatically selected and sent a client certificate when SSL Client\n  Authentication is requested by a server (CVE-2007-4879). \n\n* Gregory Fleischer reported that web content fetched via the \"jar:\"\n  protocol was not subject to network access restrictions\n  (CVE-2008-1240). \n\nThe following vulnerabilities were reported in Firefox:\n\n* Justin Dolske discovered a CRLF injection vulnerability when\n  storing passwords (CVE-2008-0417). \n\n* Michal Zalewski discovered that Firefox does not properly manage a\n  delay timer used in confirmation dialogs (CVE-2008-0591). \n\n* Emil Ljungdahl and Lars-Olof Moilanen discovered that a web forgery\n  warning dialog is not displayed if the entire contents of a web page\n  are in a DIV tag that uses absolute positioning (CVE-2008-0594). \n\nImpact\n======\n\nA remote attacker could entice a user to view a specially crafted web\npage or email that will trigger one of the vulnerabilities, possibly\nleading to the execution of arbitrary code or a Denial of Service. It\nis also possible for an attacker to trick a user to upload arbitrary\nfiles when submitting a form, to corrupt saved passwords for other\nsites, to steal login credentials, or to conduct Cross-Site Scripting\nand Cross-Site Request Forgery attacks. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Mozilla Firefox users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask -1 -v \"\u003e=www-client/mozilla-firefox-2.0.0.14\"\n\nAll Mozilla Firefox binary users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask -1 -v \"\u003e=www-client/mozilla-firefox-bin-2.0.0.14\"\n\nAll Mozilla Thunderbird users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask -1 -v \"\u003e=mail-client/mozilla-thunderbird-2.0.0.14\"\n\nAll Mozilla Thunderbird binary users should upgrade to the latest\nversion:\n\n    # emerge --sync\n    # emerge -a -1 -v \"\u003e=mail-client/mozilla-thunderbird-bin-2.0.0.14\"\n\nAll SeaMonkey users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask -1 -v \"\u003e=www-client/seamonkey-1.1.9-r1\"\n\nAll SeaMonkey binary users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask -1 -v \"\u003e=www-client/seamonkey-bin-1.1.9\"\n\nAll XULRunner users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask --oneshot --verbose \"\u003e=net-libs/xulrunner-1.8.1.14\"\n\nNOTE: The crash vulnerability (CVE-2008-1380) is currently unfixed in\nthe SeaMonkey binary ebuild, as no precompiled packages have been\nreleased. Until an update is available, we recommend all SeaMonkey\nusers to disable JavaScript, use Firefox for JavaScript-enabled\nbrowsing, or switch to the SeaMonkey source ebuild. \n\nReferences\n==========\n\n  [ 1 ] CVE-2007-4879\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4879\n  [ 2 ] CVE-2008-0304\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0304\n  [ 3 ] CVE-2008-0412\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0412\n  [ 4 ] CVE-2008-0413\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0413\n  [ 5 ] CVE-2008-0414\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0414\n  [ 6 ] CVE-2008-0415\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0415\n  [ 7 ] CVE-2008-0416\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0416\n  [ 8 ] CVE-2008-0417\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0417\n  [ 9 ] CVE-2008-0418\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0418\n  [ 10 ] CVE-2008-0419\n         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0419\n  [ 11 ] CVE-2008-0420\n         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0420\n  [ 12 ] CVE-2008-0591\n         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0591\n  [ 13 ] CVE-2008-0592\n         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0592\n  [ 14 ] CVE-2008-0593\n         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0593\n  [ 15 ] CVE-2008-0594\n         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0594\n  [ 16 ] CVE-2008-1233\n         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1233\n  [ 17 ] CVE-2008-1234\n         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1234\n  [ 18 ] CVE-2008-1235\n         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1235\n  [ 19 ] CVE-2008-1236\n         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1236\n  [ 20 ] CVE-2008-1237\n         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1237\n  [ 21 ] CVE-2008-1238\n         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1238\n  [ 22 ] CVE-2008-1240\n         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1240\n  [ 23 ] CVE-2008-1241\n         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1241\n  [ 24 ] CVE-2008-1380\n         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1380\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n  http://security.gentoo.org/glsa/glsa-200805-18.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2008 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. =========================================================== \nUbuntu Security Notice USN-576-1          February 08, 2008\nfirefox vulnerabilities\nCVE-2008-0412, CVE-2008-0413, CVE-2008-0414, CVE-2008-0415,\nCVE-2008-0416, CVE-2008-0417, CVE-2008-0418, CVE-2008-0419,\nCVE-2008-0420, CVE-2008-0591, CVE-2008-0592, CVE-2008-0593,\nCVE-2008-0594\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 6.10\nUbuntu 7.04\nUbuntu 7.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n  firefox                         1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1\n\nUbuntu 6.10:\n  firefox                         2.0.0.12+0nobinonly+2-0ubuntu0.6.10\n\nUbuntu 7.04:\n  firefox                         2.0.0.12+1nobinonly+2-0ubuntu0.7.4\n\nUbuntu 7.10:\n  firefox                         2.0.0.12+2nobinonly+2-0ubuntu0.7.10\n\nAfter a standard system upgrade you need to restart firefox to effect\nthe necessary changes. \n\nDetails follow:\n\nVarious flaws were discovered in the browser and JavaScript engine. \n(CVE-2008-0412, CVE-2008-0413)\n\nFlaws were discovered in the file upload form control. A malicious\nwebsite could force arbitrary files from the user\u0027s computer to be\nuploaded without consent. (CVE-2008-0414)\n\nVarious flaws were discovered in the JavaScript engine. (CVE-2008-0415)\n\nVarious flaws were discovered in character encoding handling. If a\nuser were ticked into opening a malicious web page, an attacker\ncould perform cross-site scripting attacks. (CVE-2008-0416)\n\nJustin Dolske discovered a flaw in the password saving mechanism. By\ntricking a user into opening a malicious web page, an attacker could\ncorrupt the user\u0027s stored passwords. Under certain circumstances, an\nattacker may be able to load files or steal session data. Ubuntu is\nnot vulnerable in the default installation. A malicious website could exploit this to steal the user\u0027s\nhistory information, crash the browser and/or possibly execute\narbitrary code with the user\u0027s privileges. (CVE-2008-0419)\n\nFlaws were discovered in the BMP decoder. By tricking a user into\nopening a specially crafted BMP file, an attacker could obtain\nsensitive information. (CVE-2008-0420)\n\nMichal Zalewski discovered flaws with timer-enabled security dialogs. \nA malicious website could force the user to confirm a security dialog\nwithout explicit consent. (CVE-2008-0592)\n\nMartin Straka discovered flaws in stylesheet handling after a 302\nredirect. By tricking a user into opening a malicious web page, an\nattacker could obtain sensitive URL parameters. A\nmalicious website could exploit this to conduct phishing attacks\nagainst the user. (CVE-2008-0594)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1.diff.gz\n      Size/MD5:   178154 2cf6b393f77f5b872ffac9f05901d86e\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1.dsc\n      Size/MD5:     1792 25c9c6c7c68cd2ffb437ff3c235ccf5b\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080202a.orig.tar.gz\n      Size/MD5: 48567134 5f38febe80dd0965ea410ac190a99a79\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_all.deb\n      Size/MD5:    53122 9b8108791fa1acc6a8cd36174d7e004f\n    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_all.deb\n      Size/MD5:    52236 39ada1e6aeb7b51289c70c71d0f8031e\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb\n      Size/MD5: 47575618 166e66c75fe45216b3ed03b2017ad9f9\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb\n      Size/MD5:  2863920 c4fb4492c9c0d33c5ee1ebaa90822add\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb\n      Size/MD5:    85508 22e0f29c67b28b7f268d13c47ff21b18\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb\n      Size/MD5:  9477254 da7188d3d1a255f46d703b7f9f4af558\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb\n      Size/MD5:   222308 66948fa52f626e2e94c277582dd9b419\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb\n      Size/MD5:   165292 f14d66384255da7196da5786244d7636\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb\n      Size/MD5:   247344 915feb3274a401c8cf7a026c6bcef55d\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb\n      Size/MD5:   824986 ee41c39f0dc78dcb269e2c849d7a959b\n    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb\n      Size/MD5:   219314 6ff861dde457e29b7d78cb0b485cc892\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb\n      Size/MD5: 44132276 7d2488c56e8fc420b7d4b8741842a8d2\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb\n      Size/MD5:  2863958 3e65d51503bf4220df6523ad788250c0\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb\n      Size/MD5:    77834 58eaaaa178b0775221215bcbc18eb618\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb\n      Size/MD5:  7986002 634c8d5dc00d42acac3319a6d8484401\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb\n      Size/MD5:   222308 84d7212ebc789c76cbe907c1600a77e6\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb\n      Size/MD5:   149850 9373d8373c10536f85d13a5a176889e3\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb\n      Size/MD5:   247320 9ae55bba5c7cbe340db54c567fca6158\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb\n      Size/MD5:   716594 5e6581e7b8f83755ee6182dc522a16d9\n    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb\n      Size/MD5:   212712 42d4658e91e8dcab0cdc85b0da6ec700\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb\n      Size/MD5: 48978594 143d1dd5a6ce245fc55c5083749aaecc\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb\n      Size/MD5:  2864070 9c399a5d23e6338f5d663606a3c1fe6e\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb\n      Size/MD5:    80948 c11c970fa9e3c95a2c7e28be5978d7ca\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb\n      Size/MD5:  9097372 a1865d328a9fa56f46ae4fb1bd6757d9\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb\n      Size/MD5:   222306 76bc431137ce8c72c4d097c15af86785\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb\n      Size/MD5:   162552 309fd0bb01d24a983e187fe50da1e8ea\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb\n      Size/MD5:   247346 d6d3ea02f9c3dd500d308215caa50fa8\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb\n      Size/MD5:   815602 c939dd4eb7d5e514b86fb6756c3258c5\n    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb\n      Size/MD5:   216154 f4f8d3b69f847ddfd238a8fbef952953\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb\n      Size/MD5: 45531866 273486483a76cc366c7f22d50a8e1585\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb\n      Size/MD5:  2864002 48d560e88b2a92576e1a4ee592297ce6\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb\n      Size/MD5:    79414 70c392f787204334116e9ce76f546a46\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb\n      Size/MD5:  8483442 3562cacfdf57585c037b651be2860162\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb\n      Size/MD5:   222310 6435f1625def65ad5cb1a9732ae035b4\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb\n      Size/MD5:   152438 79cc70393fa4b75cac01405f3bdaa830\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb\n      Size/MD5:   247346 530a4597f2708ddd246845dcd9948eaf\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb\n      Size/MD5:   727040 f954f2d179c4477caf4ac860dee0a3ee\n    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb\n      Size/MD5:   213662 57bd9a62025696c9ac01aeb2c499004a\n\nUpdated packages for Ubuntu 6.10:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+0nobinonly+2-0ubuntu0.6.10.diff.gz\n      Size/MD5:   321397 4a12ea7d4aff45a651e7169df59b66d1\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+0nobinonly+2-0ubuntu0.6.10.dsc\n      Size/MD5:     1880 d07152222f3bbbd54702964e6c484e5c\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+0nobinonly+2.orig.tar.gz\n      Size/MD5: 44800182 38c678dd75c578424a1c18876dd074c4\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_all.deb\n      Size/MD5:   238002 ac7bdaa151b30f01a44f46e65c8096d8\n    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_all.deb\n      Size/MD5:    56822 b9a0587c020e3e1ff251db1da16a3360\n    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dom-inspector_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_all.deb\n      Size/MD5:    56922 736209d00ed7a493ad632a595dc3e23e\n    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-gnome-support_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_all.deb\n      Size/MD5:    56934 65a72a74cd45970e0fdea2eacf97a19f\n    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_all.deb\n      Size/MD5:    57734 08259cf76e7911a1643f9dd34a5946e0\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_amd64.deb\n      Size/MD5: 50541330 aedaa6323fe786ac93a0361712fe2eef\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_amd64.deb\n      Size/MD5:  3181304 9de420a7be03b4f2dc7877d51d86641a\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_amd64.deb\n      Size/MD5:    91280 77851caa28f9541474c579b2fcb58de8\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_amd64.deb\n      Size/MD5: 10459390 b794e9dca1f5985ac8f2de5e3021d04d\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_amd64.deb\n      Size/MD5:   226904 e1401fba7056cfed7bfb5c402c773223\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_amd64.deb\n      Size/MD5:   169286 ef4c54634455afec2b88618fee46b330\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_amd64.deb\n      Size/MD5:   251926 e8596b001554965f3a84a517c7eabdb7\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_amd64.deb\n      Size/MD5:   873158 3674842461178bb2118cd634d5ab50a5\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_i386.deb\n      Size/MD5: 49700122 488b37255f93579b4aa3d091438f0b07\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_i386.deb\n      Size/MD5:  3171304 e30a5b8ffac759624c9cec382cf076aa\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_i386.deb\n      Size/MD5:    84944 53061af8afe191476af93f7fd822c879\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_i386.deb\n      Size/MD5:  9275526 b79a270c10e7b0a53409ee7d2c47a958\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_i386.deb\n      Size/MD5:   226916 a70250bb5ca1ee549b8fd855ba0aac8b\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_i386.deb\n      Size/MD5:   158884 6b82381a44eb2d3a7fca63772f299cb0\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_i386.deb\n      Size/MD5:   251926 1475d73a2829eb9fd9d996b739386152\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_i386.deb\n      Size/MD5:   795256 e1f9c6278da78da5a15316fcaad8878b\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_powerpc.deb\n      Size/MD5: 52219576 c0aca4abff7994ed57feedd4b9fad3c6\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_powerpc.deb\n      Size/MD5:  3178480 51d9d70a821af1b86a0dbe3f1047b695\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_powerpc.deb\n      Size/MD5:    86810 d20daf80fe21dd441e76544d436b5a97\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_powerpc.deb\n      Size/MD5: 10120398 d9da66873e77ae9b151806369ea79999\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_powerpc.deb\n      Size/MD5:   226904 7f5b533329fa758c7119737c3c2932b6\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_powerpc.deb\n      Size/MD5:   167982 cf663fffe8e0cc731518ad9c2b927353\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_powerpc.deb\n      Size/MD5:   251958 af430564abd104b1a0d74c6601f9da21\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_powerpc.deb\n      Size/MD5:   870874 310fadfe6f3678646ddb0eb6905891ae\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_sparc.deb\n      Size/MD5: 49730348 02a7529d1ce21e8c80c1eacab37d32e9\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_sparc.deb\n      Size/MD5:  3167800 8540b1e6b3ed43155da0aabe6e9b9646\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_sparc.deb\n      Size/MD5:    84614 00db1446c0b00efd811f50d924dd5298\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_sparc.deb\n      Size/MD5:  9546592 3258e1fbd28f510545f4083d1c4286ca\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_sparc.deb\n      Size/MD5:   226908 ec859ea978ee4faad18198557bd0b93a\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_sparc.deb\n      Size/MD5:   156870 a08586da831b5189bb86b5613457be8c\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_sparc.deb\n      Size/MD5:   251942 154e0e0a90641ca61d02229f909c9afe\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_sparc.deb\n      Size/MD5:   777010 15935c9b003f9246bee54b84150c87c1\n\nUpdated packages for Ubuntu 7.04:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+1nobinonly+2-0ubuntu0.7.4.diff.gz\n      Size/MD5:   314990 26d843966dfcd15d09732da370613437\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+1nobinonly+2-0ubuntu0.7.4.dsc\n      Size/MD5:     1866 65a8df8593e51c9bd75384019fed4578\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+1nobinonly+2.orig.tar.gz\n      Size/MD5: 44800182 be1a3be614b123a5f65ef0631cc3ba57\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_all.deb\n      Size/MD5:   243402 da8caba52c3c82557d4821d770299ecc\n    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_all.deb\n      Size/MD5:    58762 45baf9be97557e8b91d2943ca6ba41e6\n    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dom-inspector_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_all.deb\n      Size/MD5:    58856 42d6160c4ce8fdb5bf9a37293aa53b1c\n    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-gnome-support_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_all.deb\n      Size/MD5:    58870 9dd7670172ef63a5c95a8e0d0b3b2b96\n    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_all.deb\n      Size/MD5:    59670 492308cc265c713ffddb255884c4e504\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb\n      Size/MD5: 50542618 2ca3b30b33b3b999071a16abf8bcd13c\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb\n      Size/MD5:  3184070 271fa86786f418711a313712877eea98\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb\n      Size/MD5:    92594 5143ea4adbda306600aee9af86ce77fe\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb\n      Size/MD5:    62572 a4e2e6b0064c79138f3b2bfa91ac97d1\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb\n      Size/MD5: 10471176 175a2d6fa77654b739398a2a9d1d03ac\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb\n      Size/MD5:   228738 30a1385156baa2a9f24b78c129412f18\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb\n      Size/MD5:   174270 3849519034a0821095cd70f444507d99\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb\n      Size/MD5:   253900 7b383ef692d89ab55dae43836b2fdd0a\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb\n      Size/MD5:   880882 8ba385f8afc6037a95707fcb7b23b46d\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb\n      Size/MD5: 49691234 29f617919ad489ca52ee6b81f01c5cbd\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb\n      Size/MD5:  3174990 188a68b01767bc4cca87d3d25337e017\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb\n      Size/MD5:    86790 1e73455e05a6171cc71210f322db025f\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb\n      Size/MD5:    61972 35aeae2f74e57deddf75cc940927b666\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb\n      Size/MD5:  9276348 4801d027bd0a419209a7192eb6b2e5b0\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb\n      Size/MD5:   228752 70786d226354b7dfe928f8a627faf0e9\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb\n      Size/MD5:   163166 9a04fc6540e7b8adf3fb170cadec304d\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb\n      Size/MD5:   253906 fc119126017f04c5b56c3d6f34afdc72\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb\n      Size/MD5:   802282 348a087da1e50abdcc82ab5e540e9f0b\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb\n      Size/MD5: 52204680 048216fdda7b51cc351f5282152dae0a\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb\n      Size/MD5:  3186926 b6bbe9c19c9f915cff028058a9703485\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb\n      Size/MD5:    90636 60db1e12e8d6324c854217356713ed9a\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb\n      Size/MD5:    62806 ae3c6db90b09e7343a43bb2d2506776a\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb\n      Size/MD5: 10350504 084e73de7223b081b0a34c4f05cd8e5e\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb\n      Size/MD5:   228746 a19d7edc4e883b4325a65679a4b53f2b\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb\n      Size/MD5:   179910 2ed7a05241f477e018235dadeaa0a180\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb\n      Size/MD5:   253906 2d7306a969e66f7ba62020ec9683c5d2\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb\n      Size/MD5:   890490 0611974c638cc23f8bb0e64dd5fb1204\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb\n      Size/MD5: 49727862 0b04e498c69841fba2fb44c0026b9360\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb\n      Size/MD5:  3173504 a3e8070e87df04e2e1178793a3c28ebb\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb\n      Size/MD5:    86486 e4e8c5fa9661d7f2883a64c9c913955a\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb\n      Size/MD5:    62030 b8cba7f28f9ad581adb2952b0cd27778\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb\n      Size/MD5:  9557480 d914a1f143d06130139ebbaf299a998a\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb\n      Size/MD5:   228734 0b7a1e9e9c4e8e4dd30faa51715b9b3a\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb\n      Size/MD5:   161968 6d1e3b53500017050fcd6ad5f797a34c\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb\n      Size/MD5:   253912 e997d59184566bb92afd170e3d6e16ae\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb\n      Size/MD5:   796038 b7db09f4ad1a2271524d745c807eec0e\n\nUpdated packages for Ubuntu 7.10:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+2nobinonly+2-0ubuntu0.7.10.diff.gz\n      Size/MD5:   192967 f613f26149f995bb2d90897640751c55\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+2nobinonly+2-0ubuntu0.7.10.dsc\n      Size/MD5:     1831 10cc37e4a7a8b1ef9913c4336e139e34\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+2nobinonly+2.orig.tar.gz\n      Size/MD5: 34952512 361be132e02f7583555fdb5909138bdf\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_all.deb\n      Size/MD5:   200720 e85d0d26bbba30c7cf1acd8539d4ce5d\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_amd64.deb\n      Size/MD5: 77918994 5e5b6abb9c51f6f991f1270f9fac5c7b\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_amd64.deb\n      Size/MD5:  3195186 0ea7fd2d7e532bdc5676988b36643cc7\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_amd64.deb\n      Size/MD5:    98086 ab6e4e54dfb6700e405f5a4004e5f817\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_amd64.deb\n      Size/MD5:    67082 ff21fe32334e31142459446bf7f7aad7\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_amd64.deb\n      Size/MD5: 10442880 36de6e6c9f3f34f5eea1b88abce14c6a\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_i386.deb\n      Size/MD5: 77067198 da3fb93ae70ee78f63495d8ebfe5a356\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_i386.deb\n      Size/MD5:  3182764 fb3bbf088ecea048f3f163a2ba7aa84d\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_i386.deb\n      Size/MD5:    91770 4384731b32d52be25ff6e419bf2ec269\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_i386.deb\n      Size/MD5:    66370 3d301f5fe0766f685ac0cad7766af38b\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_i386.deb\n      Size/MD5:  9189236 7a8f9a6523ed805b0edb42d9f688fbbc\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_powerpc.deb\n      Size/MD5: 80531802 0e94eeb3d506799508eb354f7a067b52\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_powerpc.deb\n      Size/MD5:  3198570 31ca5d436b1510aeb40d98da1e80b6ba\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_powerpc.deb\n      Size/MD5:    96114 e30b3fc0ee76304c61b36ae059510ba0\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_powerpc.deb\n      Size/MD5:    67356 6374a01034d982e01e973cd6544f7c5c\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_powerpc.deb\n      Size/MD5: 10285072 40e7d114d1f2adba2d8be70f40acbfbe\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_sparc.deb\n      Size/MD5: 77899398 bf815b834944a0a8097c79ae2da6f188\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_sparc.deb\n      Size/MD5:  3180268 90be06ecf15c876086c03c5910d2e575\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_sparc.deb\n      Size/MD5:    91548 33215f4ce2e598f29cde37ab518b555e\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_sparc.deb\n      Size/MD5:    66446 9db9ae28f9b571e27a524f087e8e0f31\n    http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_sparc.deb\n      Size/MD5:  9436014 697d38db0d9a9d1718fe94aacf3f2abb\n\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n \n Mandriva Linux Security Advisory                         MDVSA-2008:048\n http://www.mandriva.com/security/\n _______________________________________________________________________\n \n Package : mozilla-firefox\n Date    : February 22, 2008\n Affected: 2007.1, 2008.0, Corporate 3.0, Corporate 4.0\n _______________________________________________________________________\n \n Problem Description:\n \n A number of security vulnerabilities have been discovered and corrected\n in the latest Mozilla Firefox program, version 2.0.0.12. \n \n This update provides the latest Firefox to correct these issues. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0412\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0413\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0414\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0415\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0417\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0418\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0419\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0420\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0591\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0592\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0593\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0594\n http://www.mozilla.org/security/announce/2008/mfsa2008-01.html\n http://www.mozilla.org/security/announce/2008/mfsa2008-02.html\n http://www.mozilla.org/security/announce/2008/mfsa2008-03.html\n http://www.mozilla.org/security/announce/2008/mfsa2008-04.html\n http://www.mozilla.org/security/announce/2008/mfsa2008-05.html\n http://www.mozilla.org/security/announce/2008/mfsa2008-06.html\n http://www.mozilla.org/security/announce/2008/mfsa2008-07.html\n http://www.mozilla.org/security/announce/2008/mfsa2008-08.html\n http://www.mozilla.org/security/announce/2008/mfsa2008-09.html\n http://www.mozilla.org/security/announce/2008/mfsa2008-10.html\n http://www.mozilla.org/security/announce/2008/mfsa2008-11.html\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.1:\n 1dc2a51ff44cabe490f34da3faa33c23  2007.1/i586/deskbar-applet-2.18.0-3.6mdv2007.1.i586.rpm\n 80ddb753b767b007fdcb81a92c0f905b  2007.1/i586/devhelp-0.13-3.6mdv2007.1.i586.rpm\n 2cad046fa470433fa1e1e3d61a17db64  2007.1/i586/devhelp-plugins-0.13-3.6mdv2007.1.i586.rpm\n c77299cbaf51d2c3750463c896a80b1d  2007.1/i586/eclipse-ecj-3.2.2-3.4.4mdv2007.1.i586.rpm\n 3452bf648a7ac439ae811c4e5fc8a63c  2007.1/i586/eclipse-jdt-3.2.2-3.4.4mdv2007.1.i586.rpm\n c52d7efbb414850069093958810d546c  2007.1/i586/eclipse-jdt-sdk-3.2.2-3.4.4mdv2007.1.i586.rpm\n 9342cf09d7d08ab5f76012ffe9110068  2007.1/i586/eclipse-pde-3.2.2-3.4.4mdv2007.1.i586.rpm\n 902df90494957eb8cb3dfc65cd79dd3e  2007.1/i586/eclipse-pde-runtime-3.2.2-3.4.4mdv2007.1.i586.rpm\n b7921f5695807ed0cbde79f89b022fd6  2007.1/i586/eclipse-pde-sdk-3.2.2-3.4.4mdv2007.1.i586.rpm\n e30bda4a05f799ec477adddea26ad2e7  2007.1/i586/eclipse-platform-3.2.2-3.4.4mdv2007.1.i586.rpm\n b96010dc64a374151aeedbc08f990939  2007.1/i586/eclipse-platform-sdk-3.2.2-3.4.4mdv2007.1.i586.rpm\n 7509249502add24a8c879fc07a9045cc  2007.1/i586/eclipse-rcp-3.2.2-3.4.4mdv2007.1.i586.rpm\n 7b61437abc5b8bcb124d6bffbc00f07c  2007.1/i586/eclipse-rcp-sdk-3.2.2-3.4.4mdv2007.1.i586.rpm\n fed3c9c51dfaefaf915f9e7099156d91  2007.1/i586/eclipse-sdk-3.2.2-3.4.4mdv2007.1.i586.rpm\n 72d3dc507d444eba52b19bd23599ff8e  2007.1/i586/epiphany-2.18.0-5.6mdv2007.1.i586.rpm\n c81f9314f3ec6e9d6983f33a3ebd8e94  2007.1/i586/epiphany-devel-2.18.0-5.6mdv2007.1.i586.rpm\n 92f2517dc7879a37de1c45656c5a3a72  2007.1/i586/epiphany-extensions-2.18.0-2.5mdv2007.1.i586.rpm\n d3c955c6add34c6fcf10d96b79d1841a  2007.1/i586/galeon-2.0.3-5.6mdv2007.1.i586.rpm\n 36f325c6b4ecdc139547e8813f17cd90  2007.1/i586/gnome-python-extras-2.14.3-4.6mdv2007.1.i586.rpm\n 16d211d490987d4fdfafe820d0e37280  2007.1/i586/gnome-python-gda-2.14.3-4.6mdv2007.1.i586.rpm\n 784f949debd848dc8b04085d4ed878cb  2007.1/i586/gnome-python-gda-devel-2.14.3-4.6mdv2007.1.i586.rpm\n 3298cadecd4f531d47c93aaf6c2b61b8  2007.1/i586/gnome-python-gdl-2.14.3-4.6mdv2007.1.i586.rpm\n c90b8d88b8516482b9fbb81b962a52e0  2007.1/i586/gnome-python-gksu-2.14.3-4.6mdv2007.1.i586.rpm\n aaddc4ccb1380f59a1577d0928950c0d  2007.1/i586/gnome-python-gtkhtml2-2.14.3-4.6mdv2007.1.i586.rpm\n 31e67c0db16a843c954d18e9040d3924  2007.1/i586/gnome-python-gtkmozembed-2.14.3-4.6mdv2007.1.i586.rpm\n fd2a2e1bd9678f78441d7f0388fc50cd  2007.1/i586/gnome-python-gtkspell-2.14.3-4.6mdv2007.1.i586.rpm\n 2be331921ac0abd4935f2b7e53485558  2007.1/i586/libdevhelp-1_0-0.13-3.6mdv2007.1.i586.rpm\n 04b8a0a918e5fa4d5d4c9a5ed7ff137f  2007.1/i586/libdevhelp-1_0-devel-0.13-3.6mdv2007.1.i586.rpm\n a3782afaa71b91224e3ac035790346f4  2007.1/i586/libmozilla-firefox-devel-2.0.0.12-1.1mdv2007.1.i586.rpm\n 14cfb1d5f4cf1f065bfca906ff150a4b  2007.1/i586/libmozilla-firefox2.0.0.12-2.0.0.12-1.1mdv2007.1.i586.rpm\n c1426c2e93cc901fe35392ff7cb6c685  2007.1/i586/libswt3-gtk2-3.2.2-3.4.4mdv2007.1.i586.rpm\n ae1601c5b5f88a7f515284650233983d  2007.1/i586/libtotem-plparser1-2.18.2-1.7mdv2007.1.i586.rpm\n c22fc1a859983aa85742e604312f80fa  2007.1/i586/libtotem-plparser1-devel-2.18.2-1.7mdv2007.1.i586.rpm\n 4eb9fbb0119091748feb9889a3c306a7  2007.1/i586/mozilla-firefox-2.0.0.12-1.1mdv2007.1.i586.rpm\n df4485c865ccd7c3242fbe27af182c0d  2007.1/i586/mozilla-firefox-af-2.0.0.12-1mdv2007.1.i586.rpm\n 3ec20a7b73357ba854ff1cdc1a7cb2b3  2007.1/i586/mozilla-firefox-ar-2.0.0.12-1mdv2007.1.i586.rpm\n 6fa279489d73c1c4d6a34229d3a153eb  2007.1/i586/mozilla-firefox-be-2.0.0.12-1mdv2007.1.i586.rpm\n 53bcab0c1e1d67ae7a1a5ac75c5ce494  2007.1/i586/mozilla-firefox-bg-2.0.0.12-1mdv2007.1.i586.rpm\n 314e0e5ae9425a42b1e439f3396f89f8  2007.1/i586/mozilla-firefox-br_FR-2.0.0.12-1mdv2007.1.i586.rpm\n 0254a1f48e4ded8678dd112363c29c74  2007.1/i586/mozilla-firefox-ca-2.0.0.12-1mdv2007.1.i586.rpm\n e686d9fdd625fc13b3cffa97c5508eb4  2007.1/i586/mozilla-firefox-cs-2.0.0.12-1mdv2007.1.i586.rpm\n 7ee117f20fe64cadd3e14451719fe7c4  2007.1/i586/mozilla-firefox-da-2.0.0.12-1mdv2007.1.i586.rpm\n e7d93e623d8a95f3e6a4e841ecb6dced  2007.1/i586/mozilla-firefox-de-2.0.0.12-1mdv2007.1.i586.rpm\n 19f90053d81fdc8c1f29f243f042c016  2007.1/i586/mozilla-firefox-el-2.0.0.12-1mdv2007.1.i586.rpm\n 7ebf410bb0505ca52e0ffb64cd436db1  2007.1/i586/mozilla-firefox-en_GB-2.0.0.12-1mdv2007.1.i586.rpm\n c7708420fc247bac083598e09d54abd1  2007.1/i586/mozilla-firefox-es_AR-2.0.0.12-1mdv2007.1.i586.rpm\n 4bbb4b75f4ce7b2bce3228ee97f83f92  2007.1/i586/mozilla-firefox-es_ES-2.0.0.12-1mdv2007.1.i586.rpm\n 8a094d00259121d38a34381aef52dc77  2007.1/i586/mozilla-firefox-et_EE-2.0.0.12-1mdv2007.1.i586.rpm\n 6d7633f405a110a436fe06811a8e2b28  2007.1/i586/mozilla-firefox-eu-2.0.0.12-1mdv2007.1.i586.rpm\n 00277d0faba3c092d074726f23b479ce  2007.1/i586/mozilla-firefox-fi-2.0.0.12-1mdv2007.1.i586.rpm\n a6a7478985d1feb54502161b7bf61de3  2007.1/i586/mozilla-firefox-fr-2.0.0.12-1mdv2007.1.i586.rpm\n 33fc849c8b3300eb2d93b74e0a21fe9a  2007.1/i586/mozilla-firefox-fy-2.0.0.12-1mdv2007.1.i586.rpm\n aeae2cbbc738a25a1024bdd0fa4b3ab3  2007.1/i586/mozilla-firefox-ga-2.0.0.12-1mdv2007.1.i586.rpm\n cc28a619f49f76efbb86f80f603078a6  2007.1/i586/mozilla-firefox-gu_IN-2.0.0.12-1mdv2007.1.i586.rpm\n 9de2102b85eeb76f490abd37c391190a  2007.1/i586/mozilla-firefox-he-2.0.0.12-1mdv2007.1.i586.rpm\n e85f6cdb1a60b5a3de9ca2b562660db4  2007.1/i586/mozilla-firefox-hu-2.0.0.12-1mdv2007.1.i586.rpm\n 3e3c83e797cdbaace62aa33cd55a37ca  2007.1/i586/mozilla-firefox-it-2.0.0.12-1mdv2007.1.i586.rpm\n a5a3cc4cf13557ba72885fa57a3ccfa8  2007.1/i586/mozilla-firefox-ja-2.0.0.12-1mdv2007.1.i586.rpm\n d39b98fead3b78e7e2f6b03855421bf0  2007.1/i586/mozilla-firefox-ka-2.0.0.12-1mdv2007.1.i586.rpm\n 1e22b2f9d416fe38a09c5c58ac694b54  2007.1/i586/mozilla-firefox-ko-2.0.0.12-1mdv2007.1.i586.rpm\n 5c390f65e4992c416fe7ba2719fee970  2007.1/i586/mozilla-firefox-ku-2.0.0.12-1mdv2007.1.i586.rpm\n cf66aee1be149bb504491f8a0640f3c1  2007.1/i586/mozilla-firefox-lt-2.0.0.12-1mdv2007.1.i586.rpm\n 3b347807ab3cfc861833ae72932b7c47  2007.1/i586/mozilla-firefox-mk-2.0.0.12-1mdv2007.1.i586.rpm\n d300ac9b315aa0f8ba351e9599871d85  2007.1/i586/mozilla-firefox-mn-2.0.0.12-1mdv2007.1.i586.rpm\n 5a94beccbed4dbfaaa911e00f75f4ae0  2007.1/i586/mozilla-firefox-nb_NO-2.0.0.12-1mdv2007.1.i586.rpm\n 6b7f3de774ca6aaec82dd2d4d8898a65  2007.1/i586/mozilla-firefox-nl-2.0.0.12-1mdv2007.1.i586.rpm\n 3d9f959c201905dd349e5d7df9613fe9  2007.1/i586/mozilla-firefox-nn_NO-2.0.0.12-1mdv2007.1.i586.rpm\n d0e6271d86772a36bbeb86d902f186ec  2007.1/i586/mozilla-firefox-pa_IN-2.0.0.12-1mdv2007.1.i586.rpm\n 1654c8644d33ddfad6877bcc07c7df6e  2007.1/i586/mozilla-firefox-pl-2.0.0.12-1mdv2007.1.i586.rpm\n 2915c604f7179029fcf46bb7110af6e3  2007.1/i586/mozilla-firefox-pt_BR-2.0.0.12-1mdv2007.1.i586.rpm\n 70a326e01d4b7dcdcf2098f83d003ea4  2007.1/i586/mozilla-firefox-pt_PT-2.0.0.12-1mdv2007.1.i586.rpm\n 7c43e07b436e083ba15123c2cd3aa70a  2007.1/i586/mozilla-firefox-ro-2.0.0.12-1mdv2007.1.i586.rpm\n d0f26cad526ba1c6e7ac41dbbb34f727  2007.1/i586/mozilla-firefox-ru-2.0.0.12-1mdv2007.1.i586.rpm\n 0a39286f36e0b5688a293c06de29d8d9  2007.1/i586/mozilla-firefox-sk-2.0.0.12-1mdv2007.1.i586.rpm\n 2e4dfeab9aa0649f12787519119da6e2  2007.1/i586/mozilla-firefox-sl-2.0.0.12-1mdv2007.1.i586.rpm\n c0224a7f560da293f8825d08a5a3ddae  2007.1/i586/mozilla-firefox-sv_SE-2.0.0.12-1mdv2007.1.i586.rpm\n 39c1a65a74784d086b7756f523a3761e  2007.1/i586/mozilla-firefox-tr-2.0.0.12-1mdv2007.1.i586.rpm\n 3fb92f19448371ff7b26734df8e46370  2007.1/i586/mozilla-firefox-uk-2.0.0.12-1mdv2007.1.i586.rpm\n 7e562d06f2fff28067f1cd15f5733af2  2007.1/i586/mozilla-firefox-zh_CN-2.0.0.12-1mdv2007.1.i586.rpm\n 3098f92ec1c67b2e170fd4ff1730388a  2007.1/i586/mozilla-firefox-zh_TW-2.0.0.12-1mdv2007.1.i586.rpm\n 1bb36cf0ce6f55517a3473366c494087  2007.1/i586/totem-2.18.2-1.7mdv2007.1.i586.rpm\n 3be505bd7ca427a7012d496724e94b52  2007.1/i586/totem-common-2.18.2-1.7mdv2007.1.i586.rpm\n ae1f2d358274545d78288c02943d68d2  2007.1/i586/totem-gstreamer-2.18.2-1.7mdv2007.1.i586.rpm\n a5a82195f23ea5b2adc90368cd7ca1c4  2007.1/i586/totem-mozilla-2.18.2-1.7mdv2007.1.i586.rpm\n 6eea23a51e4b6c6167d160fd6a283e80  2007.1/i586/totem-mozilla-gstreamer-2.18.2-1.7mdv2007.1.i586.rpm\n 70b76b7eb83ca3c44b885ebbf545a9e7  2007.1/i586/yelp-2.18.0-3.6mdv2007.1.i586.rpm \n 22d9b3b7e5698b47fccc3a6357fec6e4  2007.1/SRPMS/deskbar-applet-2.18.0-3.6mdv2007.1.src.rpm\n 3cf093179a5d711a1532960931d4c069  2007.1/SRPMS/devhelp-0.13-3.6mdv2007.1.src.rpm\n 824c26cd3bf015fa907e8c870b083297  2007.1/SRPMS/eclipse-3.2.2-3.4.4mdv2007.1.src.rpm\n 9c3cec104d4eda89c867added6371874  2007.1/SRPMS/epiphany-2.18.0-5.6mdv2007.1.src.rpm\n 1b6f481d3645ae3d5cb5765a7c456d2a  2007.1/SRPMS/epiphany-extensions-2.18.0-2.5mdv2007.1.src.rpm\n 759216aff8dc1d14d5de891bc7745d6f  2007.1/SRPMS/galeon-2.0.3-5.6mdv2007.1.src.rpm\n 3304dc108695e6197e6b30ee03a51a09  2007.1/SRPMS/gnome-python-extras-2.14.3-4.6mdv2007.1.src.rpm\n 478ad85c7863af6629ac7234debdfbfa  2007.1/SRPMS/mozilla-firefox-2.0.0.12-1.1mdv2007.1.src.rpm\n bd76471a2d41c2578b18939415e03b8e  2007.1/SRPMS/mozilla-firefox-l10n-2.0.0.12-1mdv2007.1.src.rpm\n 9747016f17a8f616419f1b7c4e49dc1f  2007.1/SRPMS/totem-2.18.2-1.7mdv2007.1.src.rpm\n f1d428e2757775ec76d83f3be78e6717  2007.1/SRPMS/yelp-2.18.0-3.6mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 691e999c390c5cf9eb7cfa9f7cb36924  2007.1/x86_64/deskbar-applet-2.18.0-3.6mdv2007.1.x86_64.rpm\n caa9f1692901e91890216f893c269ff3  2007.1/x86_64/devhelp-0.13-3.6mdv2007.1.x86_64.rpm\n 05550c4ecdcdf3ae7d888bc0d194a56d  2007.1/x86_64/devhelp-plugins-0.13-3.6mdv2007.1.x86_64.rpm\n 153b61edcf077ebdfe1f6386bce919d4  2007.1/x86_64/eclipse-ecj-3.2.2-3.4.4mdv2007.1.x86_64.rpm\n 1ab1d18860b8f590f50f86b0d0fdb681  2007.1/x86_64/eclipse-jdt-3.2.2-3.4.4mdv2007.1.x86_64.rpm\n 7f59734a966380ae07ee9e120c756d8c  2007.1/x86_64/eclipse-jdt-sdk-3.2.2-3.4.4mdv2007.1.x86_64.rpm\n 1d0a61206b3302cb3cfe605d61ab7d40  2007.1/x86_64/eclipse-pde-3.2.2-3.4.4mdv2007.1.x86_64.rpm\n bb9ba6e6dec65f143c40490f3481570d  2007.1/x86_64/eclipse-pde-runtime-3.2.2-3.4.4mdv2007.1.x86_64.rpm\n 18c9205dc80f71951461c58379409e71  2007.1/x86_64/eclipse-pde-sdk-3.2.2-3.4.4mdv2007.1.x86_64.rpm\n 6feda46822a9638d68e0de48c9f29047  2007.1/x86_64/eclipse-platform-3.2.2-3.4.4mdv2007.1.x86_64.rpm\n 1c32336de45e3ce2ba59af7636cb9fd3  2007.1/x86_64/eclipse-platform-sdk-3.2.2-3.4.4mdv2007.1.x86_64.rpm\n d05a8a18748ad28155eb7ae936d2c015  2007.1/x86_64/eclipse-rcp-3.2.2-3.4.4mdv2007.1.x86_64.rpm\n 8667c57ea4479c6644d1ec77d03f6cc6  2007.1/x86_64/eclipse-rcp-sdk-3.2.2-3.4.4mdv2007.1.x86_64.rpm\n cf8bc4f82183b304e20958115202fee5  2007.1/x86_64/eclipse-sdk-3.2.2-3.4.4mdv2007.1.x86_64.rpm\n eee890a0b8e76f6509553c9879ac7ecb  2007.1/x86_64/epiphany-2.18.0-5.6mdv2007.1.x86_64.rpm\n 2dde2d8ddd4c287934b165c4a7119e7f  2007.1/x86_64/epiphany-devel-2.18.0-5.6mdv2007.1.x86_64.rpm\n 061ec1797d29f4e37ee64cc2826fc39d  2007.1/x86_64/epiphany-extensions-2.18.0-2.5mdv2007.1.x86_64.rpm\n bcbaf29656b30c1dcd3fa6d1dc515816  2007.1/x86_64/galeon-2.0.3-5.6mdv2007.1.x86_64.rpm\n 6ab0f8d7437d253249befd970638e2c7  2007.1/x86_64/gnome-python-extras-2.14.3-4.6mdv2007.1.x86_64.rpm\n 4397d9794afae4426228e3e8b727f0d5  2007.1/x86_64/gnome-python-gda-2.14.3-4.6mdv2007.1.x86_64.rpm\n d44dc156c11bd6da8865f2844e1e8a7d  2007.1/x86_64/gnome-python-gda-devel-2.14.3-4.6mdv2007.1.x86_64.rpm\n 80e48e7b6320ddd111b3d61f1d55982d  2007.1/x86_64/gnome-python-gdl-2.14.3-4.6mdv2007.1.x86_64.rpm\n 2273f742d50b47c2554a66d86650b009  2007.1/x86_64/gnome-python-gksu-2.14.3-4.6mdv2007.1.x86_64.rpm\n 54263146b6cc46aec4a9430fda19b612  2007.1/x86_64/gnome-python-gtkhtml2-2.14.3-4.6mdv2007.1.x86_64.rpm\n fa6ad140bec40b0682771394682109c3  2007.1/x86_64/gnome-python-gtkmozembed-2.14.3-4.6mdv2007.1.x86_64.rpm\n 30bb203d5086759c5f9f1c6f9b6f0dc2  2007.1/x86_64/gnome-python-gtkspell-2.14.3-4.6mdv2007.1.x86_64.rpm\n 92485911c16bcb95a571558f3622bfd4  2007.1/x86_64/lib64devhelp-1_0-0.13-3.6mdv2007.1.x86_64.rpm\n 426e40e910923b6c03462d095f1bb94c  2007.1/x86_64/lib64devhelp-1_0-devel-0.13-3.6mdv2007.1.x86_64.rpm\n 797a51d03672c1eb95bc2d55bd807488  2007.1/x86_64/lib64mozilla-firefox-devel-2.0.0.12-1.1mdv2007.1.x86_64.rpm\n 414dba6c0d00a4d43437c59f2a8d90f1  2007.1/x86_64/lib64mozilla-firefox2.0.0.12-2.0.0.12-1.1mdv2007.1.x86_64.rpm\n e26d4695678e9f68ca749593a1b66f1b  2007.1/x86_64/lib64totem-plparser1-2.18.2-1.7mdv2007.1.x86_64.rpm\n 8624b056389ff1fe9f33a64cff081e26  2007.1/x86_64/lib64totem-plparser1-devel-2.18.2-1.7mdv2007.1.x86_64.rpm\n 644e3bd650625950e6b3310b457d5833  2007.1/x86_64/libswt3-gtk2-3.2.2-3.4.4mdv2007.1.x86_64.rpm\n a394cb43cf1289cd37f50ec5127a8590  2007.1/x86_64/mozilla-firefox-2.0.0.12-1.1mdv2007.1.x86_64.rpm\n c74672f4d61902a3ce298c7f866c52e9  2007.1/x86_64/mozilla-firefox-af-2.0.0.12-1mdv2007.1.x86_64.rpm\n 12ee1223b0e97842108fe817fe458053  2007.1/x86_64/mozilla-firefox-ar-2.0.0.12-1mdv2007.1.x86_64.rpm\n 3942350467f9d5799eade58164a34a4e  2007.1/x86_64/mozilla-firefox-be-2.0.0.12-1mdv2007.1.x86_64.rpm\n 3413e28dec7ed97eee32fb74d6188548  2007.1/x86_64/mozilla-firefox-bg-2.0.0.12-1mdv2007.1.x86_64.rpm\n ebd359e9a0af27364e8e4405868a3b3b  2007.1/x86_64/mozilla-firefox-br_FR-2.0.0.12-1mdv2007.1.x86_64.rpm\n a08ea8ae48ccb304988a23a561e29e60  2007.1/x86_64/mozilla-firefox-ca-2.0.0.12-1mdv2007.1.x86_64.rpm\n 147188b2d31441d61466d8c91a9a9462  2007.1/x86_64/mozilla-firefox-cs-2.0.0.12-1mdv2007.1.x86_64.rpm\n 202afdddc582f8d1f5d94c0aaa0197fd  2007.1/x86_64/mozilla-firefox-da-2.0.0.12-1mdv2007.1.x86_64.rpm\n 0f3b150c43264b7e3c0c136296390039  2007.1/x86_64/mozilla-firefox-de-2.0.0.12-1mdv2007.1.x86_64.rpm\n 89e515ffe77b69719efec99a589ce5c1  2007.1/x86_64/mozilla-firefox-el-2.0.0.12-1mdv2007.1.x86_64.rpm\n 76a281bbd0d3428ebfd593c7eb9f679d  2007.1/x86_64/mozilla-firefox-en_GB-2.0.0.12-1mdv2007.1.x86_64.rpm\n e6ac662a04be6997f7d4dbabefe18927  2007.1/x86_64/mozilla-firefox-es_AR-2.0.0.12-1mdv2007.1.x86_64.rpm\n 8de715af8d0e56385170c247d98ea630  2007.1/x86_64/mozilla-firefox-es_ES-2.0.0.12-1mdv2007.1.x86_64.rpm\n abc53ce2f60b1340d1195df5933e7f27  2007.1/x86_64/mozilla-firefox-et_EE-2.0.0.12-1mdv2007.1.x86_64.rpm\n 8252457050a0027280c413e0105f5853  2007.1/x86_64/mozilla-firefox-eu-2.0.0.12-1mdv2007.1.x86_64.rpm\n 0465a7b839901eddf832606d39f68be3  2007.1/x86_64/mozilla-firefox-fi-2.0.0.12-1mdv2007.1.x86_64.rpm\n 9021350fcc01ade20d8ab9b0933959b9  2007.1/x86_64/mozilla-firefox-fr-2.0.0.12-1mdv2007.1.x86_64.rpm\n d6a7795dcce490cac731e59989987b30  2007.1/x86_64/mozilla-firefox-fy-2.0.0.12-1mdv2007.1.x86_64.rpm\n 4c060eb74bc1d46ac492ae671c5507bd  2007.1/x86_64/mozilla-firefox-ga-2.0.0.12-1mdv2007.1.x86_64.rpm\n 62844d52a90dc6a9c28a454df93e0582  2007.1/x86_64/mozilla-firefox-gu_IN-2.0.0.12-1mdv2007.1.x86_64.rpm\n 9120e7c5436e0d729dd302f96c979967  2007.1/x86_64/mozilla-firefox-he-2.0.0.12-1mdv2007.1.x86_64.rpm\n 337d8a3ddc147972b8137d25dd884c37  2007.1/x86_64/mozilla-firefox-hu-2.0.0.12-1mdv2007.1.x86_64.rpm\n 3c93704f70f2b328228c773f57f94275  2007.1/x86_64/mozilla-firefox-it-2.0.0.12-1mdv2007.1.x86_64.rpm\n ccc3536e636482c5cc78b9fd255b7f46  2007.1/x86_64/mozilla-firefox-ja-2.0.0.12-1mdv2007.1.x86_64.rpm\n 5a5e4c41bd5069a93a535664255d452d  2007.1/x86_64/mozilla-firefox-ka-2.0.0.12-1mdv2007.1.x86_64.rpm\n 45a443556cb2e1bf89ba8400b9853ed6  2007.1/x86_64/mozilla-firefox-ko-2.0.0.12-1mdv2007.1.x86_64.rpm\n 6b8837513ae819d26f5dfe8b965f2e64  2007.1/x86_64/mozilla-firefox-ku-2.0.0.12-1mdv2007.1.x86_64.rpm\n b8f56a62ca7c5148e046915b7b06f3dd  2007.1/x86_64/mozilla-firefox-lt-2.0.0.12-1mdv2007.1.x86_64.rpm\n 3dc8413b89cc07e3a28e954bddf76a6d  2007.1/x86_64/mozilla-firefox-mk-2.0.0.12-1mdv2007.1.x86_64.rpm\n 4b16b86e7c13acfbe81a23f1075b8c79  2007.1/x86_64/mozilla-firefox-mn-2.0.0.12-1mdv2007.1.x86_64.rpm\n 95c62278ac3eb8ec53302f9b07622358  2007.1/x86_64/mozilla-firefox-nb_NO-2.0.0.12-1mdv2007.1.x86_64.rpm\n 61f0aeb307a99a9dcd14505a4c37bcee  2007.1/x86_64/mozilla-firefox-nl-2.0.0.12-1mdv2007.1.x86_64.rpm\n 974cc15e998b6a0da384f7da17795041  2007.1/x86_64/mozilla-firefox-nn_NO-2.0.0.12-1mdv2007.1.x86_64.rpm\n 15ba737cf9ced004ce71550ab3d9876b  2007.1/x86_64/mozilla-firefox-pa_IN-2.0.0.12-1mdv2007.1.x86_64.rpm\n 664f9a441cd31d92783ddc48e537ce4e  2007.1/x86_64/mozilla-firefox-pl-2.0.0.12-1mdv2007.1.x86_64.rpm\n d839b414d813ff733637121d5dfc9597  2007.1/x86_64/mozilla-firefox-pt_BR-2.0.0.12-1mdv2007.1.x86_64.rpm\n cc322abde304375cb3593656f439dd4a  2007.1/x86_64/mozilla-firefox-pt_PT-2.0.0.12-1mdv2007.1.x86_64.rpm\n 03ee8f92667603edc0dfbd3d25d98a91  2007.1/x86_64/mozilla-firefox-ro-2.0.0.12-1mdv2007.1.x86_64.rpm\n f0d1391e46f5ba33ae6b46f96afcbb62  2007.1/x86_64/mozilla-firefox-ru-2.0.0.12-1mdv2007.1.x86_64.rpm\n 2373c8b353b75a989409c95c8a3376b0  2007.1/x86_64/mozilla-firefox-sk-2.0.0.12-1mdv2007.1.x86_64.rpm\n 5a4e7d321490dbdae8f0d1c391033cf4  2007.1/x86_64/mozilla-firefox-sl-2.0.0.12-1mdv2007.1.x86_64.rpm\n 6e30e25e08cd23fa9783800aaeb17d38  2007.1/x86_64/mozilla-firefox-sv_SE-2.0.0.12-1mdv2007.1.x86_64.rpm\n 47f3e27f3e000924f81404f3cda222cc  2007.1/x86_64/mozilla-firefox-tr-2.0.0.12-1mdv2007.1.x86_64.rpm\n 2e843cc9a0ad5527f097840b3482e93d  2007.1/x86_64/mozilla-firefox-uk-2.0.0.12-1mdv2007.1.x86_64.rpm\n d6d560ef65a33e06222417ca0f25a69d  2007.1/x86_64/mozilla-firefox-zh_CN-2.0.0.12-1mdv2007.1.x86_64.rpm\n 6f023284f94e59d9a3a555147423c2fa  2007.1/x86_64/mozilla-firefox-zh_TW-2.0.0.12-1mdv2007.1.x86_64.rpm\n 9c244429f79868294786d3edb88b630d  2007.1/x86_64/totem-2.18.2-1.7mdv2007.1.x86_64.rpm\n 0839e08ff2af223b6ba3d80670af7961  2007.1/x86_64/totem-common-2.18.2-1.7mdv2007.1.x86_64.rpm\n de037eb59adf51a7d8dafbe1b65f01cd  2007.1/x86_64/totem-gstreamer-2.18.2-1.7mdv2007.1.x86_64.rpm\n 968247765ff758ddd93d38020604957d  2007.1/x86_64/totem-mozilla-2.18.2-1.7mdv2007.1.x86_64.rpm\n 40d3cb387ecf9f50e549065690b6577f  2007.1/x86_64/totem-mozilla-gstreamer-2.18.2-1.7mdv2007.1.x86_64.rpm\n 2b5ffacf78cf59f0d5bcd748c6cfc3b9  2007.1/x86_64/yelp-2.18.0-3.6mdv2007.1.x86_64.rpm \n 22d9b3b7e5698b47fccc3a6357fec6e4  2007.1/SRPMS/deskbar-applet-2.18.0-3.6mdv2007.1.src.rpm\n 3cf093179a5d711a1532960931d4c069  2007.1/SRPMS/devhelp-0.13-3.6mdv2007.1.src.rpm\n 824c26cd3bf015fa907e8c870b083297  2007.1/SRPMS/eclipse-3.2.2-3.4.4mdv2007.1.src.rpm\n 9c3cec104d4eda89c867added6371874  2007.1/SRPMS/epiphany-2.18.0-5.6mdv2007.1.src.rpm\n 1b6f481d3645ae3d5cb5765a7c456d2a  2007.1/SRPMS/epiphany-extensions-2.18.0-2.5mdv2007.1.src.rpm\n 759216aff8dc1d14d5de891bc7745d6f  2007.1/SRPMS/galeon-2.0.3-5.6mdv2007.1.src.rpm\n 3304dc108695e6197e6b30ee03a51a09  2007.1/SRPMS/gnome-python-extras-2.14.3-4.6mdv2007.1.src.rpm\n 478ad85c7863af6629ac7234debdfbfa  2007.1/SRPMS/mozilla-firefox-2.0.0.12-1.1mdv2007.1.src.rpm\n bd76471a2d41c2578b18939415e03b8e  2007.1/SRPMS/mozilla-firefox-l10n-2.0.0.12-1mdv2007.1.src.rpm\n 9747016f17a8f616419f1b7c4e49dc1f  2007.1/SRPMS/totem-2.18.2-1.7mdv2007.1.src.rpm\n f1d428e2757775ec76d83f3be78e6717  2007.1/SRPMS/yelp-2.18.0-3.6mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n b9ed3ce884f9bdc1bbc2ca45a69b49e9  2008.0/i586/devhelp-0.16-1.3mdv2008.0.i586.rpm\n ed2da3bc8550f42d071afe5cd5dcb626  2008.0/i586/devhelp-plugins-0.16-1.3mdv2008.0.i586.rpm\n 278b937377cab903ac69490711a8b928  2008.0/i586/eclipse-cvs-client-3.3.0-0.20.8.3mdv2008.0.i586.rpm\n 22d6fc428c6c1439da9b193de7f8bc13  2008.0/i586/eclipse-ecj-3.3.0-0.20.8.3mdv2008.0.i586.rpm\n 4cbee48cb9289a3275010e378c2156f5  2008.0/i586/eclipse-jdt-3.3.0-0.20.8.3mdv2008.0.i586.rpm\n 1d1d9fc56fbdf18e78c6ff5db0238758  2008.0/i586/eclipse-pde-3.3.0-0.20.8.3mdv2008.0.i586.rpm\n 5307ccd1f83a046923b488b2f939152c  2008.0/i586/eclipse-pde-runtime-3.3.0-0.20.8.3mdv2008.0.i586.rpm\n f7ec4b95c23f2b879ac5c1d807076429  2008.0/i586/eclipse-platform-3.3.0-0.20.8.3mdv2008.0.i586.rpm\n 6c03f1c0a1282323c29ecdd41124ec69  2008.0/i586/eclipse-rcp-3.3.0-0.20.8.3mdv2008.0.i586.rpm\n 298103c5cd25124cf033dc4306c9c9f5  2008.0/i586/epiphany-2.20.0-1.3mdv2008.0.i586.rpm\n 62dffadf7d2352111917c4c344aaba65  2008.0/i586/epiphany-devel-2.20.0-1.3mdv2008.0.i586.rpm\n 2f24d71af446fb3368c06791f0df09d0  2008.0/i586/galeon-2.0.3-7.3mdv2008.0.i586.rpm\n e722fe502740262bfd86f1d56baad8b4  2008.0/i586/gnome-python-extras-2.19.1-4.3mdv2008.0.i586.rpm\n 7fa422ad5d8fc5a22f18e1344de6a52e  2008.0/i586/gnome-python-gda-2.19.1-4.3mdv2008.0.i586.rpm\n 01b3b75cd0f61b6cede729ad0ce7049e  2008.0/i586/gnome-python-gda-devel-2.19.1-4.3mdv2008.0.i586.rpm\n b027bdacb4c54794a39941ed57eae603  2008.0/i586/gnome-python-gdl-2.19.1-4.3mdv2008.0.i586.rpm\n f03b3364360771482c3787e07eec7cb1  2008.0/i586/gnome-python-gksu-2.19.1-4.3mdv2008.0.i586.rpm\n 61b7e3bf96718d1b3f69c7975aa50304  2008.0/i586/gnome-python-gtkhtml2-2.19.1-4.3mdv2008.0.i586.rpm\n 1b3e7d7f72f8e6c7538ff1dc64f26e8c  2008.0/i586/gnome-python-gtkmozembed-2.19.1-4.3mdv2008.0.i586.rpm\n d02af7b90406fac43092c2081680d710  2008.0/i586/gnome-python-gtkspell-2.19.1-4.3mdv2008.0.i586.rpm\n 4ccf8f36d0458a428e9fb2345e94cfc2  2008.0/i586/libdevhelp-1-devel-0.16-1.3mdv2008.0.i586.rpm\n d02dc201a45281fcd871f84daa80564f  2008.0/i586/libdevhelp-1_0-0.16-1.3mdv2008.0.i586.rpm\n 4a6927720465de3b79a3497f2a578c2b  2008.0/i586/libmozilla-firefox-devel-2.0.0.12-1.1mdv2008.0.i586.rpm\n 844ea6862f575229557ce2f8a058432b  2008.0/i586/libmozilla-firefox2.0.0.12-2.0.0.12-1.1mdv2008.0.i586.rpm\n f450a3638c675dc92ff2ef0a685d11ee  2008.0/i586/libswt3-gtk2-3.3.0-0.20.8.3mdv2008.0.i586.rpm\n 445b0e3b0a8d3a078307938e72e2b78d  2008.0/i586/libtotem-plparser-devel-2.20.1-1.2mdv2008.0.i586.rpm\n 3a3c057314238103a36115fa71bb637f  2008.0/i586/libtotem-plparser7-2.20.1-1.2mdv2008.0.i586.rpm\n d56467de0ac9ea808080b0605909366e  2008.0/i586/mozilla-firefox-2.0.0.12-1.1mdv2008.0.i586.rpm\n 0711c8212df759437a176f8525560e6e  2008.0/i586/mozilla-firefox-af-2.0.0.12-1mdv2008.0.i586.rpm\n 15f1e548b0d2198742f4d358ad796a42  2008.0/i586/mozilla-firefox-ar-2.0.0.12-1mdv2008.0.i586.rpm\n 82fa5aea23785a60616c68a8ef7e5932  2008.0/i586/mozilla-firefox-be-2.0.0.12-1mdv2008.0.i586.rpm\n 96385f21854f261d354406257ae25362  2008.0/i586/mozilla-firefox-bg-2.0.0.12-1mdv2008.0.i586.rpm\n a148aa83b35eb670fedf19c80c0876a3  2008.0/i586/mozilla-firefox-br_FR-2.0.0.12-1mdv2008.0.i586.rpm\n ddb1086ba8de9dcea6fa3e561a2a7310  2008.0/i586/mozilla-firefox-ca-2.0.0.12-1mdv2008.0.i586.rpm\n 2023098fa5017553eddd2d780acc096f  2008.0/i586/mozilla-firefox-cs-2.0.0.12-1mdv2008.0.i586.rpm\n 60dab666392dc1b2e0ae9ba3d4be008b  2008.0/i586/mozilla-firefox-da-2.0.0.12-1mdv2008.0.i586.rpm\n b12a81d439f33c9f7b247e91500b2146  2008.0/i586/mozilla-firefox-de-2.0.0.12-1mdv2008.0.i586.rpm\n e41c11cf94981c0b7b3df390da495bc0  2008.0/i586/mozilla-firefox-el-2.0.0.12-1mdv2008.0.i586.rpm\n 569922ef1cf787bb1a695a63775d1389  2008.0/i586/mozilla-firefox-en_GB-2.0.0.12-1mdv2008.0.i586.rpm\n c5efdffee339eaf9d34bace8942888b4  2008.0/i586/mozilla-firefox-es_AR-2.0.0.12-1mdv2008.0.i586.rpm\n d151770d576f08c9204b13b3ea1559d9  2008.0/i586/mozilla-firefox-es_ES-2.0.0.12-1mdv2008.0.i586.rpm\n 946886a35d058f30de178938496ebe96  2008.0/i586/mozilla-firefox-et_EE-2.0.0.12-1mdv2008.0.i586.rpm\n 949d8575e900c1df357f2e9eef7a32ca  2008.0/i586/mozilla-firefox-eu-2.0.0.12-1mdv2008.0.i586.rpm\n 6f06703f8ee7d7ebfaa951eb9b935397  2008.0/i586/mozilla-firefox-ext-blogrovr-1.1.771-1.1mdv2008.0.i586.rpm\n 1a67631467fd5cdcd1fd63cd55807c0c  2008.0/i586/mozilla-firefox-ext-foxmarks-2.0.43-1mdv2008.0.i586.rpm\n 145d0c6bf0e6d5bacbdf63471844d3a7  2008.0/i586/mozilla-firefox-ext-scribefire-1.4.2-4.1mdv2008.0.i586.rpm\n 2e24c0bf13b81aef0524988a48c86c85  2008.0/i586/mozilla-firefox-fi-2.0.0.12-1mdv2008.0.i586.rpm\n bf859aba5985cd4f8de5d77097ce27ab  2008.0/i586/mozilla-firefox-fr-2.0.0.12-1mdv2008.0.i586.rpm\n 1e419bb831898aa7f7f280b101e33163  2008.0/i586/mozilla-firefox-fy-2.0.0.12-1mdv2008.0.i586.rpm\n 7e6411d52ce2a968274410514ca319d3  2008.0/i586/mozilla-firefox-ga-2.0.0.12-1mdv2008.0.i586.rpm\n 60cb492b459d4fc3fc076b8ac90013e8  2008.0/i586/mozilla-firefox-gnome-support-2.0.0.12-1.1mdv2008.0.i586.rpm\n 34cf05391500b866f1b0b4776046ab3f  2008.0/i586/mozilla-firefox-gu_IN-2.0.0.12-1mdv2008.0.i586.rpm\n 9b2954bd04ecc285f2535a828432d0df  2008.0/i586/mozilla-firefox-he-2.0.0.12-1mdv2008.0.i586.rpm\n 2356729d9b2e4b532838c7913ba30637  2008.0/i586/mozilla-firefox-hu-2.0.0.12-1mdv2008.0.i586.rpm\n d213db926f0959643649708ed4c4af61  2008.0/i586/mozilla-firefox-it-2.0.0.12-1mdv2008.0.i586.rpm\n 352161c8c2aa1943e791cc58f0e3c785  2008.0/i586/mozilla-firefox-ja-2.0.0.12-1mdv2008.0.i586.rpm\n 72465fe9a44aeeb74a6cfd412f9e708b  2008.0/i586/mozilla-firefox-ka-2.0.0.12-1mdv2008.0.i586.rpm\n 445861082658f826f76f01c8f48ce040  2008.0/i586/mozilla-firefox-ko-2.0.0.12-1mdv2008.0.i586.rpm\n b33adecf186e8301cd292075a699eef0  2008.0/i586/mozilla-firefox-ku-2.0.0.12-1mdv2008.0.i586.rpm\n 878a44794064d86bbc3a511fc9f94d1e  2008.0/i586/mozilla-firefox-lt-2.0.0.12-1mdv2008.0.i586.rpm\n 05bdf7d1f1d304f8e1e6aa2e990bd764  2008.0/i586/mozilla-firefox-mk-2.0.0.12-1mdv2008.0.i586.rpm\n b32ae7f6ad74c87d2efed37df2150967  2008.0/i586/mozilla-firefox-mn-2.0.0.12-1mdv2008.0.i586.rpm\n 8fdeb19e609e8334379bd7b13d88fcb6  2008.0/i586/mozilla-firefox-nb_NO-2.0.0.12-1mdv2008.0.i586.rpm\n 4e3f6d3a1030791d16855755489fead0  2008.0/i586/mozilla-firefox-nl-2.0.0.12-1mdv2008.0.i586.rpm\n 71d850481e225951fb6ed40501976174  2008.0/i586/mozilla-firefox-nn_NO-2.0.0.12-1mdv2008.0.i586.rpm\n 8d5bb6c37b32575fc34c4334be6e1842  2008.0/i586/mozilla-firefox-pa_IN-2.0.0.12-1mdv2008.0.i586.rpm\n 848747d8c1a6b48808a7f7c6148e1d26  2008.0/i586/mozilla-firefox-pl-2.0.0.12-1mdv2008.0.i586.rpm\n e1beba530c98af86e02164a948fcf08b  2008.0/i586/mozilla-firefox-pt_BR-2.0.0.12-1mdv2008.0.i586.rpm\n 3a9d3ef361497ee878f1f970a1916e2d  2008.0/i586/mozilla-firefox-pt_PT-2.0.0.12-1mdv2008.0.i586.rpm\n 994a4e5470f23522b3188de86b405edb  2008.0/i586/mozilla-firefox-ro-2.0.0.12-1mdv2008.0.i586.rpm\n 0862286c72978f7ed8ae34be4e0f3e4e  2008.0/i586/mozilla-firefox-ru-2.0.0.12-1mdv2008.0.i586.rpm\n 455ecd10092e5bec3904e72426cb7d17  2008.0/i586/mozilla-firefox-sk-2.0.0.12-1mdv2008.0.i586.rpm\n 49ea3406aeec377bf84d74e5407a9f9e  2008.0/i586/mozilla-firefox-sl-2.0.0.12-1mdv2008.0.i586.rpm\n 4e6074968ddd1ae114d3041c4742643d  2008.0/i586/mozilla-firefox-sv_SE-2.0.0.12-1mdv2008.0.i586.rpm\n 117e43ed744cf4363ccf9b7de9db90da  2008.0/i586/mozilla-firefox-tr-2.0.0.12-1mdv2008.0.i586.rpm\n f4b7a624f8b7cd2c91c1a3a5c82c4c86  2008.0/i586/mozilla-firefox-uk-2.0.0.12-1mdv2008.0.i586.rpm\n e023caab47e5409ae7892144b4603139  2008.0/i586/mozilla-firefox-zh_CN-2.0.0.12-1mdv2008.0.i586.rpm\n bfce9fb35e295b3aab1937a5930f94cd  2008.0/i586/mozilla-firefox-zh_TW-2.0.0.12-1mdv2008.0.i586.rpm\n 3faf9dcb53903cfc255c8a83b441376d  2008.0/i586/totem-2.20.1-1.2mdv2008.0.i586.rpm\n 37614ee5b5d3e141573e5d17d142d419  2008.0/i586/totem-common-2.20.1-1.2mdv2008.0.i586.rpm\n 5d894ec0e4e9695b5c45897be5a3fe41  2008.0/i586/totem-gstreamer-2.20.1-1.2mdv2008.0.i586.rpm\n bdda2275535580a00d87374804d8356a  2008.0/i586/totem-mozilla-2.20.1-1.2mdv2008.0.i586.rpm\n b5b144ef52b3d0c79cfea70098e593ee  2008.0/i586/totem-mozilla-gstreamer-2.20.1-1.2mdv2008.0.i586.rpm\n 131b7e638a900ef5483b238760b3ce7e  2008.0/i586/yelp-2.20.0-3.2mdv2008.0.i586.rpm \n fd64f784036f9a7a67ae7dc4bc840755  2008.0/SRPMS/devhelp-0.16-1.3mdv2008.0.src.rpm\n 483a9c4d9ae531f9b3586d3a2da2f8a2  2008.0/SRPMS/eclipse-3.3.0-0.20.8.3mdv2008.0.src.rpm\n 331b129d4ea2db89884b6531a8a7f58b  2008.0/SRPMS/epiphany-2.20.0-1.3mdv2008.0.src.rpm\n 3c7ab32d75b68e67a68b1933aa477fa9  2008.0/SRPMS/galeon-2.0.3-7.3mdv2008.0.src.rpm\n 4f71054efcad5f6ea4a41d3f003fd909  2008.0/SRPMS/gnome-python-extras-2.19.1-4.3mdv2008.0.src.rpm\n 64ec454e2292e0f3d39d1c3b23407957  2008.0/SRPMS/mozilla-firefox-2.0.0.12-1.1mdv2008.0.src.rpm\n b0f611d44d02a710ed8d868d745cca25  2008.0/SRPMS/mozilla-firefox-ext-blogrovr-1.1.771-1.1mdv2008.0.src.rpm\n 344da985922776256af6accfba04672a  2008.0/SRPMS/mozilla-firefox-ext-foxmarks-2.0.43-1mdv2008.0.src.rpm\n eb8583166df4ad6591d184af922824c3  2008.0/SRPMS/mozilla-firefox-ext-scribefire-1.4.2-4.1mdv2008.0.src.rpm\n 9c9ca299024b58a8c292c723724e4aa8  2008.0/SRPMS/mozilla-firefox-l10n-2.0.0.12-1mdv2008.0.src.rpm\n db53f00eaa8cc296f6cd1109fe45cc69  2008.0/SRPMS/totem-2.20.1-1.2mdv2008.0.src.rpm\n 4429b4db2e0c4d1f27abccc8e140023e  2008.0/SRPMS/yelp-2.20.0-3.2mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 7637b945a5a1d92d319929e6116fff90  2008.0/x86_64/devhelp-0.16-1.3mdv2008.0.x86_64.rpm\n e90b3b646f35eeb9ab56d5709139e44e  2008.0/x86_64/devhelp-plugins-0.16-1.3mdv2008.0.x86_64.rpm\n f637d11794273584bab7709f72a93bc8  2008.0/x86_64/eclipse-cvs-client-3.3.0-0.20.8.3mdv2008.0.x86_64.rpm\n 90d38b352269c8cd1830752e68222146  2008.0/x86_64/eclipse-ecj-3.3.0-0.20.8.3mdv2008.0.x86_64.rpm\n d9f6e45888de01e795f5d31fcc609d34  2008.0/x86_64/eclipse-jdt-3.3.0-0.20.8.3mdv2008.0.x86_64.rpm\n 8f2014eedbc9549489aaa9d3ccac141f  2008.0/x86_64/eclipse-pde-3.3.0-0.20.8.3mdv2008.0.x86_64.rpm\n 52268ee1aee89cc1fbbc39b9a49fa4a3  2008.0/x86_64/eclipse-pde-runtime-3.3.0-0.20.8.3mdv2008.0.x86_64.rpm\n e51c76c8f9304dd47e24e84954d2bad7  2008.0/x86_64/eclipse-platform-3.3.0-0.20.8.3mdv2008.0.x86_64.rpm\n f6d7a18638cf2264d90b82804dee0605  2008.0/x86_64/eclipse-rcp-3.3.0-0.20.8.3mdv2008.0.x86_64.rpm\n 2b14100415d56d45fd66a1038c03bc41  2008.0/x86_64/epiphany-2.20.0-1.3mdv2008.0.x86_64.rpm\n 18cec3625191d15787b77819c97992e0  2008.0/x86_64/epiphany-devel-2.20.0-1.3mdv2008.0.x86_64.rpm\n 672f2b365918d0d562a57451761f7175  2008.0/x86_64/galeon-2.0.3-7.3mdv2008.0.x86_64.rpm\n 620bcafdf53e73c4619c5a346c70a531  2008.0/x86_64/gnome-python-extras-2.19.1-4.3mdv2008.0.x86_64.rpm\n 1f954e8583d479e1921ec39e2842ed65  2008.0/x86_64/gnome-python-gda-2.19.1-4.3mdv2008.0.x86_64.rpm\n d2b51bd56abca2be983d4d54c741f6fd  2008.0/x86_64/gnome-python-gda-devel-2.19.1-4.3mdv2008.0.x86_64.rpm\n e5b9d75c878c43be0de65617a5c62dd8  2008.0/x86_64/gnome-python-gdl-2.19.1-4.3mdv2008.0.x86_64.rpm\n c39535f16de1822b3afcbafb38cdd067  2008.0/x86_64/gnome-python-gksu-2.19.1-4.3mdv2008.0.x86_64.rpm\n 982509689a28dbc301c3f65278639ec8  2008.0/x86_64/gnome-python-gtkhtml2-2.19.1-4.3mdv2008.0.x86_64.rpm\n 7e324bc741e70a3b560ac7657d36b424  2008.0/x86_64/gnome-python-gtkmozembed-2.19.1-4.3mdv2008.0.x86_64.rpm\n 9acc6d3c83cdb74954a281dc62899599  2008.0/x86_64/gnome-python-gtkspell-2.19.1-4.3mdv2008.0.x86_64.rpm\n fca20482c9fa5c36cc70ea4dbee013cf  2008.0/x86_64/lib64devhelp-1-devel-0.16-1.3mdv2008.0.x86_64.rpm\n 230116bc2d8c100fa6e79c751e8849e8  2008.0/x86_64/lib64devhelp-1_0-0.16-1.3mdv2008.0.x86_64.rpm\n a99787473640413505d74dd9af737c33  2008.0/x86_64/lib64mozilla-firefox-devel-2.0.0.12-1.1mdv2008.0.x86_64.rpm\n 7765387decd77b6cd678ba97a80aa212  2008.0/x86_64/lib64mozilla-firefox2.0.0.12-2.0.0.12-1.1mdv2008.0.x86_64.rpm\n f771f31ce21856d297af6b314e73bd6f  2008.0/x86_64/lib64totem-plparser-devel-2.20.1-1.2mdv2008.0.x86_64.rpm\n 8165c641a39c30be4147cbb006e6ce59  2008.0/x86_64/lib64totem-plparser7-2.20.1-1.2mdv2008.0.x86_64.rpm\n f9d8ede28ccc73d9c4e1eb42c3b529dd  2008.0/x86_64/libswt3-gtk2-3.3.0-0.20.8.3mdv2008.0.x86_64.rpm\n a2a62a67abf56f791fe8867de18c3d9f  2008.0/x86_64/mozilla-firefox-2.0.0.12-1.1mdv2008.0.x86_64.rpm\n ca37b76d4c340aa31f696f7539e0ea33  2008.0/x86_64/mozilla-firefox-af-2.0.0.12-1mdv2008.0.x86_64.rpm\n 03bba40715b886951b4809058c61446a  2008.0/x86_64/mozilla-firefox-ar-2.0.0.12-1mdv2008.0.x86_64.rpm\n b6ce56c92082b2e329941af2a48007f7  2008.0/x86_64/mozilla-firefox-be-2.0.0.12-1mdv2008.0.x86_64.rpm\n d9fb339dc9374c58b5652d71f2a90454  2008.0/x86_64/mozilla-firefox-bg-2.0.0.12-1mdv2008.0.x86_64.rpm\n ecb686040cfcc1741b0a328576214340  2008.0/x86_64/mozilla-firefox-br_FR-2.0.0.12-1mdv2008.0.x86_64.rpm\n 0554cc5ff06d136da6eb7e02d039eba2  2008.0/x86_64/mozilla-firefox-ca-2.0.0.12-1mdv2008.0.x86_64.rpm\n faf68eb0c9a52a58d98290b74c98d7a0  2008.0/x86_64/mozilla-firefox-cs-2.0.0.12-1mdv2008.0.x86_64.rpm\n 105febad3e8a142f1b5741e53b7623b7  2008.0/x86_64/mozilla-firefox-da-2.0.0.12-1mdv2008.0.x86_64.rpm\n a09f4b5117c11ca7415e0987471b3198  2008.0/x86_64/mozilla-firefox-de-2.0.0.12-1mdv2008.0.x86_64.rpm\n 9a4c5ebcb8fa0fd83f9b1b0448f74ff7  2008.0/x86_64/mozilla-firefox-el-2.0.0.12-1mdv2008.0.x86_64.rpm\n e3d73c78cfd7f50aaaa0c7c50ae26133  2008.0/x86_64/mozilla-firefox-en_GB-2.0.0.12-1mdv2008.0.x86_64.rpm\n 733628c57cf6a1165db3ba8cfda4632f  2008.0/x86_64/mozilla-firefox-es_AR-2.0.0.12-1mdv2008.0.x86_64.rpm\n 2af0226fcdae799c8e4d9844fba5a060  2008.0/x86_64/mozilla-firefox-es_ES-2.0.0.12-1mdv2008.0.x86_64.rpm\n 67144ddc8c9226bdbcbaa9d9255e02b3  2008.0/x86_64/mozilla-firefox-et_EE-2.0.0.12-1mdv2008.0.x86_64.rpm\n 92888bed6a4187ee27af85da7a96aba9  2008.0/x86_64/mozilla-firefox-eu-2.0.0.12-1mdv2008.0.x86_64.rpm\n 6eaa41c4a0bdde8f016beb06e719e57c  2008.0/x86_64/mozilla-firefox-ext-blogrovr-1.1.771-1.1mdv2008.0.x86_64.rpm\n f1453161a26e650c4172bf7a69dc2f52  2008.0/x86_64/mozilla-firefox-ext-foxmarks-2.0.43-1mdv2008.0.x86_64.rpm\n 3a7cbb41c223cc1eb64e70011a50a92e  2008.0/x86_64/mozilla-firefox-ext-scribefire-1.4.2-4.1mdv2008.0.x86_64.rpm\n 7d4987023db30662237b2dff17673112  2008.0/x86_64/mozilla-firefox-fi-2.0.0.12-1mdv2008.0.x86_64.rpm\n 665624041067cb596d20ac0fae0c56e1  2008.0/x86_64/mozilla-firefox-fr-2.0.0.12-1mdv2008.0.x86_64.rpm\n e371bf004aee3199dae4818f156cc2a8  2008.0/x86_64/mozilla-firefox-fy-2.0.0.12-1mdv2008.0.x86_64.rpm\n 8187e9e50111404689936a361edcb9e0  2008.0/x86_64/mozilla-firefox-ga-2.0.0.12-1mdv2008.0.x86_64.rpm\n b59b0c7598a9ff58d266ef445b60a6ea  2008.0/x86_64/mozilla-firefox-gnome-support-2.0.0.12-1.1mdv2008.0.x86_64.rpm\n 3da5205396822b8e7ddd189c9dede8db  2008.0/x86_64/mozilla-firefox-gu_IN-2.0.0.12-1mdv2008.0.x86_64.rpm\n b6540fa0265f001e1ec7ea34c8d62964  2008.0/x86_64/mozilla-firefox-he-2.0.0.12-1mdv2008.0.x86_64.rpm\n 2ee06f3b7c50e7556f9495fbd72e2400  2008.0/x86_64/mozilla-firefox-hu-2.0.0.12-1mdv2008.0.x86_64.rpm\n 1293fc5f1ecfd8f73ee14ce4cd38d89b  2008.0/x86_64/mozilla-firefox-it-2.0.0.12-1mdv2008.0.x86_64.rpm\n 0bb358710509fd6e3d62eb8d89fd8277  2008.0/x86_64/mozilla-firefox-ja-2.0.0.12-1mdv2008.0.x86_64.rpm\n f55afc6e06b1b1ffb81bb509fe1790c9  2008.0/x86_64/mozilla-firefox-ka-2.0.0.12-1mdv2008.0.x86_64.rpm\n 12f6237676be8832af1acf05ff64ebb2  2008.0/x86_64/mozilla-firefox-ko-2.0.0.12-1mdv2008.0.x86_64.rpm\n 12716873fa7cefc1ec056bdd82ae0667  2008.0/x86_64/mozilla-firefox-ku-2.0.0.12-1mdv2008.0.x86_64.rpm\n dd794d67a43611fc29e34c068ee775d3  2008.0/x86_64/mozilla-firefox-lt-2.0.0.12-1mdv2008.0.x86_64.rpm\n 40d0a5fcf19888cb0de6ff20a00b2a2c  2008.0/x86_64/mozilla-firefox-mk-2.0.0.12-1mdv2008.0.x86_64.rpm\n b240c1bcd60d2555c06134b166b356fa  2008.0/x86_64/mozilla-firefox-mn-2.0.0.12-1mdv2008.0.x86_64.rpm\n ce6bee8f71969e259e66fc5ccd72f668  2008.0/x86_64/mozilla-firefox-nb_NO-2.0.0.12-1mdv2008.0.x86_64.rpm\n f4620fd14b954c78709fcc01708f6053  2008.0/x86_64/mozilla-firefox-nl-2.0.0.12-1mdv2008.0.x86_64.rpm\n e7a51c8d25fc46637845172a96a7366d  2008.0/x86_64/mozilla-firefox-nn_NO-2.0.0.12-1mdv2008.0.x86_64.rpm\n cbd80830cf912bd3f0eb4b5e73de7c9b  2008.0/x86_64/mozilla-firefox-pa_IN-2.0.0.12-1mdv2008.0.x86_64.rpm\n b86fa8fb3a49c00bc909efaf22b8e7e2  2008.0/x86_64/mozilla-firefox-pl-2.0.0.12-1mdv2008.0.x86_64.rpm\n d5b445d81a5e497fefd3658bcbd76c9d  2008.0/x86_64/mozilla-firefox-pt_BR-2.0.0.12-1mdv2008.0.x86_64.rpm\n f6c7c3d82b2e46c0c53674b23bd9f610  2008.0/x86_64/mozilla-firefox-pt_PT-2.0.0.12-1mdv2008.0.x86_64.rpm\n c814c511adbc79d7506208c16964dd82  2008.0/x86_64/mozilla-firefox-ro-2.0.0.12-1mdv2008.0.x86_64.rpm\n 1dbfd204f8b7fdf1a1a3d8a318390982  2008.0/x86_64/mozilla-firefox-ru-2.0.0.12-1mdv2008.0.x86_64.rpm\n ff96c040977b5387ac143cb542954605  2008.0/x86_64/mozilla-firefox-sk-2.0.0.12-1mdv2008.0.x86_64.rpm\n 405bfe183faf8385603c18dba56e462b  2008.0/x86_64/mozilla-firefox-sl-2.0.0.12-1mdv2008.0.x86_64.rpm\n 09ada1b389808bcfc841b4bf2f58d3b7  2008.0/x86_64/mozilla-firefox-sv_SE-2.0.0.12-1mdv2008.0.x86_64.rpm\n 5883cf4f015b18e84942ad3b334835ce  2008.0/x86_64/mozilla-firefox-tr-2.0.0.12-1mdv2008.0.x86_64.rpm\n a7f9ee2ceb3b72c7e3855850b5b224d9  2008.0/x86_64/mozilla-firefox-uk-2.0.0.12-1mdv2008.0.x86_64.rpm\n 98171713d09ae8405d2d26eccb166352  2008.0/x86_64/mozilla-firefox-zh_CN-2.0.0.12-1mdv2008.0.x86_64.rpm\n 907b73fc00a166ab82c90cce9dcb2855  2008.0/x86_64/mozilla-firefox-zh_TW-2.0.0.12-1mdv2008.0.x86_64.rpm\n c55f978b69d6c6d0d272613f4d34c6bf  2008.0/x86_64/totem-2.20.1-1.2mdv2008.0.x86_64.rpm\n e7bf2fa7b63ba9217356f953a7d6e32a  2008.0/x86_64/totem-common-2.20.1-1.2mdv2008.0.x86_64.rpm\n f32ec045873ee9a1e4eada8f14ef370d  2008.0/x86_64/totem-gstreamer-2.20.1-1.2mdv2008.0.x86_64.rpm\n 268619b6747e69c4011760509d6c4249  2008.0/x86_64/totem-mozilla-2.20.1-1.2mdv2008.0.x86_64.rpm\n 83e2f72cbce5e5cf2a4fa037e843eddc  2008.0/x86_64/totem-mozilla-gstreamer-2.20.1-1.2mdv2008.0.x86_64.rpm\n ee8611f2b5580f819e2380b07ccf8879  2008.0/x86_64/yelp-2.20.0-3.2mdv2008.0.x86_64.rpm \n fd64f784036f9a7a67ae7dc4bc840755  2008.0/SRPMS/devhelp-0.16-1.3mdv2008.0.src.rpm\n 483a9c4d9ae531f9b3586d3a2da2f8a2  2008.0/SRPMS/eclipse-3.3.0-0.20.8.3mdv2008.0.src.rpm\n 331b129d4ea2db89884b6531a8a7f58b  2008.0/SRPMS/epiphany-2.20.0-1.3mdv2008.0.src.rpm\n 3c7ab32d75b68e67a68b1933aa477fa9  2008.0/SRPMS/galeon-2.0.3-7.3mdv2008.0.src.rpm\n 4f71054efcad5f6ea4a41d3f003fd909  2008.0/SRPMS/gnome-python-extras-2.19.1-4.3mdv2008.0.src.rpm\n 64ec454e2292e0f3d39d1c3b23407957  2008.0/SRPMS/mozilla-firefox-2.0.0.12-1.1mdv2008.0.src.rpm\n b0f611d44d02a710ed8d868d745cca25  2008.0/SRPMS/mozilla-firefox-ext-blogrovr-1.1.771-1.1mdv2008.0.src.rpm\n 344da985922776256af6accfba04672a  2008.0/SRPMS/mozilla-firefox-ext-foxmarks-2.0.43-1mdv2008.0.src.rpm\n eb8583166df4ad6591d184af922824c3  2008.0/SRPMS/mozilla-firefox-ext-scribefire-1.4.2-4.1mdv2008.0.src.rpm\n 9c9ca299024b58a8c292c723724e4aa8  2008.0/SRPMS/mozilla-firefox-l10n-2.0.0.12-1mdv2008.0.src.rpm\n db53f00eaa8cc296f6cd1109fe45cc69  2008.0/SRPMS/totem-2.20.1-1.2mdv2008.0.src.rpm\n 4429b4db2e0c4d1f27abccc8e140023e  2008.0/SRPMS/yelp-2.20.0-3.2mdv2008.0.src.rpm\n\n Corporate 3.0:\n 550dadd02da46677bd28e11be84af07c  corporate/3.0/i586/libnspr4-2.0.0.12-0.1.C30mdk.i586.rpm\n 4878b838f7b58178db5c5810db1f9dce  corporate/3.0/i586/libnspr4-devel-2.0.0.12-0.1.C30mdk.i586.rpm\n 43eff3ed0e41653190e4d3ae3579cda4  corporate/3.0/i586/libnspr4-static-devel-2.0.0.12-0.1.C30mdk.i586.rpm\n c1844362f249aca14692aba19bd0e11f  corporate/3.0/i586/libnss3-2.0.0.12-0.1.C30mdk.i586.rpm\n 8beb45a5fc33b02bf4d148ae9e440414  corporate/3.0/i586/libnss3-devel-2.0.0.12-0.1.C30mdk.i586.rpm\n c9aa59e8bb3ac4b4984231d8f01a8505  corporate/3.0/i586/mozilla-firefox-2.0.0.12-0.1.C30mdk.i586.rpm\n b1baa8652f174fb7f7abed9b1745bf96  corporate/3.0/i586/mozilla-firefox-ar-2.0.0.12-0.1.C30mdk.i586.rpm\n ad5a0a4684cfee839501ecb025d547a2  corporate/3.0/i586/mozilla-firefox-bg-2.0.0.12-0.1.C30mdk.i586.rpm\n 26a215b87cd1112589a98544dd0ac41e  corporate/3.0/i586/mozilla-firefox-br-2.0.0.12-0.1.C30mdk.i586.rpm\n 43860455bf9bc4bdc0058f6188eff583  corporate/3.0/i586/mozilla-firefox-ca-2.0.0.12-0.1.C30mdk.i586.rpm\n ff84769e6cc3e2c176eea3f1378b7f13  corporate/3.0/i586/mozilla-firefox-cs-2.0.0.12-0.1.C30mdk.i586.rpm\n 712e3c9a7e2c1f31a212a50b6a916d5b  corporate/3.0/i586/mozilla-firefox-da-2.0.0.12-0.1.C30mdk.i586.rpm\n 21384ac68a9a158d05c8a113f657aba7  corporate/3.0/i586/mozilla-firefox-de-2.0.0.12-0.1.C30mdk.i586.rpm\n ff3b79ce5a8557d51215a95a91ce7a57  corporate/3.0/i586/mozilla-firefox-devel-2.0.0.12-0.1.C30mdk.i586.rpm\n 817f8ac7f07ca552507861270ab673b1  corporate/3.0/i586/mozilla-firefox-el-2.0.0.12-0.1.C30mdk.i586.rpm\n 9e4bf251eb7211e3c13c652470edd2f4  corporate/3.0/i586/mozilla-firefox-es-2.0.0.12-0.1.C30mdk.i586.rpm\n 50bce55b911214d0b6169fbc5b022f10  corporate/3.0/i586/mozilla-firefox-es_AR-2.0.0.12-0.1.C30mdk.i586.rpm\n a119c958b460012f0692de2e95d88dcc  corporate/3.0/i586/mozilla-firefox-eu-2.0.0.12-0.1.C30mdk.i586.rpm\n d1563fb09d46065a4142c346e2b51f7a  corporate/3.0/i586/mozilla-firefox-fi-2.0.0.12-0.1.C30mdk.i586.rpm\n e6683f7f2671ac6e391feb1856e07b4c  corporate/3.0/i586/mozilla-firefox-fr-2.0.0.12-0.1.C30mdk.i586.rpm\n 32ed3343c587ce65670f8889215efd13  corporate/3.0/i586/mozilla-firefox-fy-2.0.0.12-0.1.C30mdk.i586.rpm\n 1b4949f6924352d891e267a372976ee7  corporate/3.0/i586/mozilla-firefox-ga-2.0.0.12-0.1.C30mdk.i586.rpm\n 2feaa589901cdd5814e178f93a67a9d2  corporate/3.0/i586/mozilla-firefox-gu_IN-2.0.0.12-0.1.C30mdk.i586.rpm\n e3dd4574d2c17e0dd0ab6c24e01a7ef0  corporate/3.0/i586/mozilla-firefox-he-2.0.0.12-0.1.C30mdk.i586.rpm\n 2bc8200cea954caeb99a101f15c82fa3  corporate/3.0/i586/mozilla-firefox-hu-2.0.0.12-0.1.C30mdk.i586.rpm\n e4089156af8dd0ef08a75896345c4abe  corporate/3.0/i586/mozilla-firefox-it-2.0.0.12-0.1.C30mdk.i586.rpm\n 17b4af5dd41ffa19979372389bbe5894  corporate/3.0/i586/mozilla-firefox-ja-2.0.0.12-0.1.C30mdk.i586.rpm\n d360ae8b94e9f161654f0e1ad3db809a  corporate/3.0/i586/mozilla-firefox-ko-2.0.0.12-0.1.C30mdk.i586.rpm\n 3e582e8d8b624d54fe07883213e20d90  corporate/3.0/i586/mozilla-firefox-lt-2.0.0.12-0.1.C30mdk.i586.rpm\n 7e490e7bcb8cda57769866a8b810e443  corporate/3.0/i586/mozilla-firefox-mk-2.0.0.12-0.1.C30mdk.i586.rpm\n f309b26c279b470d8337f65914674b89  corporate/3.0/i586/mozilla-firefox-nb-2.0.0.12-0.1.C30mdk.i586.rpm\n 720d18b177136d5d96910329d9f7ee25  corporate/3.0/i586/mozilla-firefox-nl-2.0.0.12-0.1.C30mdk.i586.rpm\n 24c61982d71a2d63bf71bb0faccf90a1  corporate/3.0/i586/mozilla-firefox-pa_IN-2.0.0.12-0.1.C30mdk.i586.rpm\n 036712e98bbbef9a7966dfbd81954866  corporate/3.0/i586/mozilla-firefox-pl-2.0.0.12-0.1.C30mdk.i586.rpm\n 0619996ce1e3dc99084c013100918c71  corporate/3.0/i586/mozilla-firefox-pt-2.0.0.12-0.1.C30mdk.i586.rpm\n 0f14d3385b03309473925c5b139afee3  corporate/3.0/i586/mozilla-firefox-pt_BR-2.0.0.12-0.1.C30mdk.i586.rpm\n b7cd96a7431cb825c7db41bb4c85cc0c  corporate/3.0/i586/mozilla-firefox-ro-2.0.0.12-0.1.C30mdk.i586.rpm\n 0f22a5c8cc4ebe9c95965f7f6a35e25e  corporate/3.0/i586/mozilla-firefox-ru-2.0.0.12-0.1.C30mdk.i586.rpm\n a1c92a73dbad5c475d76cf4eb8fe8947  corporate/3.0/i586/mozilla-firefox-sk-2.0.0.12-0.1.C30mdk.i586.rpm\n d0e46219f3bfb285d1aa5042a11c4c2f  corporate/3.0/i586/mozilla-firefox-sl-2.0.0.12-0.1.C30mdk.i586.rpm\n 65fbb88b91f6f18faf6bfcd7637d99b9  corporate/3.0/i586/mozilla-firefox-sv-2.0.0.12-0.1.C30mdk.i586.rpm\n 1e6dd377fc1e89cf1b70faa96e234604  corporate/3.0/i586/mozilla-firefox-tr-2.0.0.12-0.1.C30mdk.i586.rpm\n 1aabd75d4be1b00ed69f61805737dc43  corporate/3.0/i586/mozilla-firefox-uk-2.0.0.12-0.1.C30mdk.i586.rpm\n 0f5612378dae917f0268326ad0036b87  corporate/3.0/i586/mozilla-firefox-zh_CN-2.0.0.12-0.1.C30mdk.i586.rpm\n 32f3121c6d0b5491057d1cfd3380a8b6  corporate/3.0/i586/mozilla-firefox-zh_TW-2.0.0.12-0.1.C30mdk.i586.rpm \n bc6071a867462a8f2a44aa4896530fe6  corporate/3.0/SRPMS/mozilla-firefox-2.0.0.12-0.1.C30mdk.src.rpm\n 3716609be655be6acb6f567c0eb7dbea  corporate/3.0/SRPMS/mozilla-firefox-l10n-2.0.0.12-0.1.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 23db9d7edef5b8116b6f3cf853819461  corporate/3.0/x86_64/lib64nspr4-2.0.0.12-0.1.C30mdk.x86_64.rpm\n 0729f4ac4b61f25e3ae816e12acef5ea  corporate/3.0/x86_64/lib64nspr4-devel-2.0.0.12-0.1.C30mdk.x86_64.rpm\n 54d5a161aeda3c3a1754f3b559eec78b  corporate/3.0/x86_64/lib64nspr4-static-devel-2.0.0.12-0.1.C30mdk.x86_64.rpm\n 53339583f214c0cfa61966b2730d4676  corporate/3.0/x86_64/lib64nss3-2.0.0.12-0.1.C30mdk.x86_64.rpm\n a4a1bdc3da133c4d39950b865ebb6cab  corporate/3.0/x86_64/lib64nss3-devel-2.0.0.12-0.1.C30mdk.x86_64.rpm\n c8476b439226f4db336d0500bbfcb441  corporate/3.0/x86_64/mozilla-firefox-2.0.0.12-0.1.C30mdk.x86_64.rpm\n 9562e49d98011a072ee5c1eb35ee42c7  corporate/3.0/x86_64/mozilla-firefox-ar-2.0.0.12-0.1.C30mdk.x86_64.rpm\n aa61d7753d91cf385ecf79a42e8e3aec  corporate/3.0/x86_64/mozilla-firefox-bg-2.0.0.12-0.1.C30mdk.x86_64.rpm\n c8c27fcd9be3ee89f9aea52489bd8c03  corporate/3.0/x86_64/mozilla-firefox-br-2.0.0.12-0.1.C30mdk.x86_64.rpm\n 98eba3b228afab21f0c2df55a08b79d6  corporate/3.0/x86_64/mozilla-firefox-ca-2.0.0.12-0.1.C30mdk.x86_64.rpm\n cc3f2d7c0e3b5f4b893d63790c512636  corporate/3.0/x86_64/mozilla-firefox-cs-2.0.0.12-0.1.C30mdk.x86_64.rpm\n d7d36a8f27c362cec8b48dbff49fe46a  corporate/3.0/x86_64/mozilla-firefox-da-2.0.0.12-0.1.C30mdk.x86_64.rpm\n ffe44e168f6524cd80ceb21207c88006  corporate/3.0/x86_64/mozilla-firefox-de-2.0.0.12-0.1.C30mdk.x86_64.rpm\n aaf6416b5ea970b3ef61b4b650f13867  corporate/3.0/x86_64/mozilla-firefox-devel-2.0.0.12-0.1.C30mdk.x86_64.rpm\n ebaa3a59ec5594164601c5968e6b128f  corporate/3.0/x86_64/mozilla-firefox-el-2.0.0.12-0.1.C30mdk.x86_64.rpm\n ceb7ce9e4eccc391712bbec3737e1280  corporate/3.0/x86_64/mozilla-firefox-es-2.0.0.12-0.1.C30mdk.x86_64.rpm\n 1555aa2ecb1e8beb1949edd6e1672c9d  corporate/3.0/x86_64/mozilla-firefox-es_AR-2.0.0.12-0.1.C30mdk.x86_64.rpm\n 68fa37147805715cfa1bc399c3a3ae12  corporate/3.0/x86_64/mozilla-firefox-eu-2.0.0.12-0.1.C30mdk.x86_64.rpm\n f50964fc639fd5b394b513c42c700076  corporate/3.0/x86_64/mozilla-firefox-fi-2.0.0.12-0.1.C30mdk.x86_64.rpm\n 3bc78e57665df763604b1f30329fad7e  corporate/3.0/x86_64/mozilla-firefox-fr-2.0.0.12-0.1.C30mdk.x86_64.rpm\n 9e2139f1c4d6642be56727ac4bc9bc31  corporate/3.0/x86_64/mozilla-firefox-fy-2.0.0.12-0.1.C30mdk.x86_64.rpm\n 091b74c2f82f9b59d1b3b14ce8de6adb  corporate/3.0/x86_64/mozilla-firefox-ga-2.0.0.12-0.1.C30mdk.x86_64.rpm\n c27e033bd501d9b09bc83f9d43be0442  corporate/3.0/x86_64/mozilla-firefox-gu_IN-2.0.0.12-0.1.C30mdk.x86_64.rpm\n 32f71e68bb9baacad0046e9d264ed141  corporate/3.0/x86_64/mozilla-firefox-he-2.0.0.12-0.1.C30mdk.x86_64.rpm\n 381fa53f3ea9ae644151f891e0688bbc  corporate/3.0/x86_64/mozilla-firefox-hu-2.0.0.12-0.1.C30mdk.x86_64.rpm\n 5c3ae6486d80294e3838de7ea8dd343b  corporate/3.0/x86_64/mozilla-firefox-it-2.0.0.12-0.1.C30mdk.x86_64.rpm\n f97e6f40ccb3928672726b6adabd83ac  corporate/3.0/x86_64/mozilla-firefox-ja-2.0.0.12-0.1.C30mdk.x86_64.rpm\n 3516aab6dfbee80f7c38ad30988d200c  corporate/3.0/x86_64/mozilla-firefox-ko-2.0.0.12-0.1.C30mdk.x86_64.rpm\n 035763a9668bb260b123850757a62144  corporate/3.0/x86_64/mozilla-firefox-lt-2.0.0.12-0.1.C30mdk.x86_64.rpm\n 97af652341c9904dfd11b3ed9264040c  corporate/3.0/x86_64/mozilla-firefox-mk-2.0.0.12-0.1.C30mdk.x86_64.rpm\n 2f1324470036d1267a4ab4b0e08c4596  corporate/3.0/x86_64/mozilla-firefox-nb-2.0.0.12-0.1.C30mdk.x86_64.rpm\n e75ca84863e4d2c5fce1a4a455c0171f  corporate/3.0/x86_64/mozilla-firefox-nl-2.0.0.12-0.1.C30mdk.x86_64.rpm\n c83fc2d11b218e35937ba8929ea4255d  corporate/3.0/x86_64/mozilla-firefox-pa_IN-2.0.0.12-0.1.C30mdk.x86_64.rpm\n c183055127e20b1eb233ffe81b886817  corporate/3.0/x86_64/mozilla-firefox-pl-2.0.0.12-0.1.C30mdk.x86_64.rpm\n 3ebb35651e4705b782d0f4cdff5c64ee  corporate/3.0/x86_64/mozilla-firefox-pt-2.0.0.12-0.1.C30mdk.x86_64.rpm\n 39a6d80360c585312f02a307b0840c2d  corporate/3.0/x86_64/mozilla-firefox-pt_BR-2.0.0.12-0.1.C30mdk.x86_64.rpm\n 90f966ed0e5b6d549909d6ae619ee0e6  corporate/3.0/x86_64/mozilla-firefox-ro-2.0.0.12-0.1.C30mdk.x86_64.rpm\n 74e8392f29214ddef8f0369afed3265f  corporate/3.0/x86_64/mozilla-firefox-ru-2.0.0.12-0.1.C30mdk.x86_64.rpm\n 57ea4a96ea3610ecbb438ff32ac9661a  corporate/3.0/x86_64/mozilla-firefox-sk-2.0.0.12-0.1.C30mdk.x86_64.rpm\n df8f8377b181bb1f0b38c0575081f590  corporate/3.0/x86_64/mozilla-firefox-sl-2.0.0.12-0.1.C30mdk.x86_64.rpm\n f603bed6dbea7f856a992c15e2c4b248  corporate/3.0/x86_64/mozilla-firefox-sv-2.0.0.12-0.1.C30mdk.x86_64.rpm\n bff17af242fd945eb81e7a82482f6d6b  corporate/3.0/x86_64/mozilla-firefox-tr-2.0.0.12-0.1.C30mdk.x86_64.rpm\n 297fa42612958e1e62f4d2509c0cac8f  corporate/3.0/x86_64/mozilla-firefox-uk-2.0.0.12-0.1.C30mdk.x86_64.rpm\n fdfba5ea07d613b6e6c3449469af1d8a  corporate/3.0/x86_64/mozilla-firefox-zh_CN-2.0.0.12-0.1.C30mdk.x86_64.rpm\n 93c97d643d6fa49221f6242617acfc15  corporate/3.0/x86_64/mozilla-firefox-zh_TW-2.0.0.12-0.1.C30mdk.x86_64.rpm \n bc6071a867462a8f2a44aa4896530fe6  corporate/3.0/SRPMS/mozilla-firefox-2.0.0.12-0.1.C30mdk.src.rpm\n 3716609be655be6acb6f567c0eb7dbea  corporate/3.0/SRPMS/mozilla-firefox-l10n-2.0.0.12-0.1.C30mdk.src.rpm\n\n Corporate 4.0:\n 1d1711379f878dc9870bd4413e8e7f68  corporate/4.0/i586/libnspr4-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 0d7f47aad1001d5131e9aa1de7629982  corporate/4.0/i586/libnspr4-devel-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 4dc18c70a562094a2a35f6e4473860ce  corporate/4.0/i586/libnspr4-static-devel-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 07af2aec6447f914d2b35dec625b713f  corporate/4.0/i586/libnss3-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 089ae34703ea533c88191b886ed050a2  corporate/4.0/i586/libnss3-devel-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 91c7705419d9ba1c6f0662e3bc363bf6  corporate/4.0/i586/mozilla-firefox-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 7408018fbb857928a5af67ccb0e90886  corporate/4.0/i586/mozilla-firefox-af-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 80f7f6d7f638005a44e570ed28507ea6  corporate/4.0/i586/mozilla-firefox-ar-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 322684cd222712ce7fdc179ecd5f33b7  corporate/4.0/i586/mozilla-firefox-be-2.0.0.12-0.1.20060mlcs4.i586.rpm\n a7d1d5f436099bcad673f3bf3931c774  corporate/4.0/i586/mozilla-firefox-bg-2.0.0.12-0.1.20060mlcs4.i586.rpm\n c17e5bef41741156084573378cc68600  corporate/4.0/i586/mozilla-firefox-br_FR-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 2a6ead1a302cfecc5faa8ea663c560da  corporate/4.0/i586/mozilla-firefox-ca-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 5695e1d5884f70f853522cee17e80ca5  corporate/4.0/i586/mozilla-firefox-cs-2.0.0.12-0.1.20060mlcs4.i586.rpm\n a478f4f622ffbb68551fc6dab3412b41  corporate/4.0/i586/mozilla-firefox-da-2.0.0.12-0.1.20060mlcs4.i586.rpm\n b573268e97885502650536df6d5e8d41  corporate/4.0/i586/mozilla-firefox-de-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 047972e5977f81ede7b12737bc986016  corporate/4.0/i586/mozilla-firefox-devel-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 7c166d1cf63e97c0dfc7fffa95c9c05a  corporate/4.0/i586/mozilla-firefox-el-2.0.0.12-0.1.20060mlcs4.i586.rpm\n cebc280567909d6019221908ab8d8005  corporate/4.0/i586/mozilla-firefox-en_GB-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 1f55d95a626c5e3e60f1835ec38f3030  corporate/4.0/i586/mozilla-firefox-es_AR-2.0.0.12-0.1.20060mlcs4.i586.rpm\n f3b8a973d1b877940228971660894755  corporate/4.0/i586/mozilla-firefox-es_ES-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 8b062bf830d02da9b0633fb5b0d8694b  corporate/4.0/i586/mozilla-firefox-et_EE-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 99155f12e37fa7f0d233afbf7e6eb77c  corporate/4.0/i586/mozilla-firefox-eu-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 101d3e38b83859fdccd147befe69e323  corporate/4.0/i586/mozilla-firefox-fi-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 591382083fd187a78b807f2058a47500  corporate/4.0/i586/mozilla-firefox-fr-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 31c0256fd7f5611dcadac9d65299e4d1  corporate/4.0/i586/mozilla-firefox-fy-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 88ddcd6d685311d4935eb9c920df7f5a  corporate/4.0/i586/mozilla-firefox-ga-2.0.0.12-0.1.20060mlcs4.i586.rpm\n f16d908c50d3367edf84d8f57ab98658  corporate/4.0/i586/mozilla-firefox-gu_IN-2.0.0.12-0.1.20060mlcs4.i586.rpm\n de1d6367ee761e4795a479b56e386db7  corporate/4.0/i586/mozilla-firefox-he-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 77aec187f4ed84e887c0a7f309f4b392  corporate/4.0/i586/mozilla-firefox-hu-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 282b43d2d3588e402f543db6e04f2f0f  corporate/4.0/i586/mozilla-firefox-it-2.0.0.12-0.1.20060mlcs4.i586.rpm\n b47cc4f29ae05002de87dec506629da4  corporate/4.0/i586/mozilla-firefox-ja-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 293674a0d6da859c704bbf810ec70058  corporate/4.0/i586/mozilla-firefox-ka-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 545f8f041f6b9261e82a4aac2cb43252  corporate/4.0/i586/mozilla-firefox-ko-2.0.0.12-0.1.20060mlcs4.i586.rpm\n c302d3b9648c5000e3f7901bb4bee1f3  corporate/4.0/i586/mozilla-firefox-ku-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 731481cef1ae784c12cbc315578cccc4  corporate/4.0/i586/mozilla-firefox-lt-2.0.0.12-0.1.20060mlcs4.i586.rpm\n dd7c48caf2f47bdf798b59ea3ae559f0  corporate/4.0/i586/mozilla-firefox-mk-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 5b253e55912e1a02d6f0dc83b553dbc9  corporate/4.0/i586/mozilla-firefox-mn-2.0.0.12-0.1.20060mlcs4.i586.rpm\n cd40523fa6a2d66fe7da492ffe4ad14e  corporate/4.0/i586/mozilla-firefox-nb_NO-2.0.0.12-0.1.20060mlcs4.i586.rpm\n f2a96a4a1164c6e2fa15fb9f679f7b09  corporate/4.0/i586/mozilla-firefox-nl-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 06cc7a4e01a22db0d2245c28310f30cf  corporate/4.0/i586/mozilla-firefox-nn_NO-2.0.0.12-0.1.20060mlcs4.i586.rpm\n f775f685d33f5f72db3e38b126818981  corporate/4.0/i586/mozilla-firefox-pa_IN-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 43a81c2218d37a9d78426616805db926  corporate/4.0/i586/mozilla-firefox-pl-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 4663ab7aa12e2d3b76dba84708023fe1  corporate/4.0/i586/mozilla-firefox-pt_BR-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 54471048e1c8cb1db9a7b4969bf2746e  corporate/4.0/i586/mozilla-firefox-pt_PT-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 8254befda8ff5971ceb82c10401d635b  corporate/4.0/i586/mozilla-firefox-ro-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 3b046ee77e70b291e7c59c01be14bc03  corporate/4.0/i586/mozilla-firefox-ru-2.0.0.12-0.1.20060mlcs4.i586.rpm\n c657ff4c7aee04107a1ff720c308af1f  corporate/4.0/i586/mozilla-firefox-sk-2.0.0.12-0.1.20060mlcs4.i586.rpm\n e20b0dfc4235bc5f970de1f788875f62  corporate/4.0/i586/mozilla-firefox-sl-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 017b941dd46c33b86b89b59b52488648  corporate/4.0/i586/mozilla-firefox-sv_SE-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 548ff5316add85b2242194931546b211  corporate/4.0/i586/mozilla-firefox-tr-2.0.0.12-0.1.20060mlcs4.i586.rpm\n d0a98b2311dcffe4f4aaa9cb18af9c59  corporate/4.0/i586/mozilla-firefox-uk-2.0.0.12-0.1.20060mlcs4.i586.rpm\n 1f9348318f243fe9125a01e68fb3a621  corporate/4.0/i586/mozilla-firefox-zh_CN-2.0.0.12-0.1.20060mlcs4.i586.rpm\n ef213595b8e62754329e80e9b3482eb1  corporate/4.0/i586/mozilla-firefox-zh_TW-2.0.0.12-0.1.20060mlcs4.i586.rpm \n e9a3ebed36c203507377ceda77761c7f  corporate/4.0/SRPMS/mozilla-firefox-2.0.0.12-0.1.20060mlcs4.src.rpm\n 239d3534086a45aec6b748c8a392848d  corporate/4.0/SRPMS/mozilla-firefox-l10n-2.0.0.12-0.1.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 6f27683c589e7cfe916aea2acc9ea4c5  corporate/4.0/x86_64/lib64nspr4-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 0b49dc9f56bfdbcab6667c317cd09d20  corporate/4.0/x86_64/lib64nspr4-devel-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 3b30beb9068bb3c4c93a2851efe5a072  corporate/4.0/x86_64/lib64nspr4-static-devel-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 1b1317be6976c1813bad0fae43195672  corporate/4.0/x86_64/lib64nss3-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 4462f8c4edae09073be451aa5687a9d5  corporate/4.0/x86_64/lib64nss3-devel-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 7a09a6157916830003822a98fe6cfacb  corporate/4.0/x86_64/mozilla-firefox-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 0d65bb5086ea4a27857d6a2b9c06fd28  corporate/4.0/x86_64/mozilla-firefox-af-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n a73e472c10837caa909e4757c8a38a13  corporate/4.0/x86_64/mozilla-firefox-ar-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n c1d2fc656d5480c7efe54206e0cba359  corporate/4.0/x86_64/mozilla-firefox-be-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 187a400e7cba77d1d557ad1661c89f70  corporate/4.0/x86_64/mozilla-firefox-bg-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 848f364c27f60a1b57f651a11fd7bfc9  corporate/4.0/x86_64/mozilla-firefox-br_FR-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n fc687b68c63ad17b029aaf40b09081bd  corporate/4.0/x86_64/mozilla-firefox-ca-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n e0f608bc089b65b7d8f4c39e70fdb07f  corporate/4.0/x86_64/mozilla-firefox-cs-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 757e556773ac9d8daca19a8ee900d852  corporate/4.0/x86_64/mozilla-firefox-da-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n e29b10677a086988ce206e2ea8046176  corporate/4.0/x86_64/mozilla-firefox-de-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 469fff1b83157501441463e6d448a5db  corporate/4.0/x86_64/mozilla-firefox-devel-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 883b2bfccc861c66d87ee2d743ccdcfb  corporate/4.0/x86_64/mozilla-firefox-el-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n df11d3c06d75e44370f5c4d51aec25a3  corporate/4.0/x86_64/mozilla-firefox-en_GB-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n ca1e033902408029c4fd40af3be1884e  corporate/4.0/x86_64/mozilla-firefox-es_AR-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n abc14977ab3e412fc421d36b1f5e5a05  corporate/4.0/x86_64/mozilla-firefox-es_ES-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 771b80cadf087492fe3322b7a6f7f66f  corporate/4.0/x86_64/mozilla-firefox-et_EE-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 15a19b591c1349aed2021869e2a4c66f  corporate/4.0/x86_64/mozilla-firefox-eu-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n d93321763495ff74aea00cee5dc084db  corporate/4.0/x86_64/mozilla-firefox-fi-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n aa1fc91f9e645543766005a4752778dd  corporate/4.0/x86_64/mozilla-firefox-fr-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n eddf29eeda44341e9cc838f1c6b24d19  corporate/4.0/x86_64/mozilla-firefox-fy-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 2e838ecca5557cc805641c3d0a285011  corporate/4.0/x86_64/mozilla-firefox-ga-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 4809fd91537881354a71fc93ff98449c  corporate/4.0/x86_64/mozilla-firefox-gu_IN-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n a1617c1c7ae11b0a59e4c20e28b32559  corporate/4.0/x86_64/mozilla-firefox-he-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 2d1a864a44662e615dd169969cdac87a  corporate/4.0/x86_64/mozilla-firefox-hu-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 9daafb45ed2580d3aa942fb9c2724afa  corporate/4.0/x86_64/mozilla-firefox-it-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n a9b48b99056e9357e8f93234ffc35ddd  corporate/4.0/x86_64/mozilla-firefox-ja-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n c16c37481ea46a9cd9925cb6a817c1c3  corporate/4.0/x86_64/mozilla-firefox-ka-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 228fa42007d14c1b14e9de4baf5dd736  corporate/4.0/x86_64/mozilla-firefox-ko-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n a1943be2528497fce78f3e046a75e133  corporate/4.0/x86_64/mozilla-firefox-ku-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n a36832b9cb2d40e20001ef05c7976ddc  corporate/4.0/x86_64/mozilla-firefox-lt-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 0556b33cd92d1d98ffb76b75f00ea560  corporate/4.0/x86_64/mozilla-firefox-mk-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 94962bae734a9f359faf26c98db1ac0b  corporate/4.0/x86_64/mozilla-firefox-mn-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 6327ba03cbceb74e666dd777511d2a20  corporate/4.0/x86_64/mozilla-firefox-nb_NO-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n aaa50342a183c21a0fb8e9971e47906e  corporate/4.0/x86_64/mozilla-firefox-nl-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n a2433065a1d07f75399737767c455f7e  corporate/4.0/x86_64/mozilla-firefox-nn_NO-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 214139bf12caf296595593ab5482d0e5  corporate/4.0/x86_64/mozilla-firefox-pa_IN-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 2e4fe93846ddfcbb40418de9cc8e2fad  corporate/4.0/x86_64/mozilla-firefox-pl-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n ec0005d0f605c13b271c462d8a1e3803  corporate/4.0/x86_64/mozilla-firefox-pt_BR-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 26e0d940070213998d15c6de8cd4a2e3  corporate/4.0/x86_64/mozilla-firefox-pt_PT-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n dd357d608e05e3b3690916ac18658d60  corporate/4.0/x86_64/mozilla-firefox-ro-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 2517bd66238ea45344c179dc040b3e35  corporate/4.0/x86_64/mozilla-firefox-ru-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n a36da3c0bdd8b7b795c8231dbe38ef0e  corporate/4.0/x86_64/mozilla-firefox-sk-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 81da62c563e988f6774e92f7bb89ec08  corporate/4.0/x86_64/mozilla-firefox-sl-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 049a3781090a939f28ea96feda01dc43  corporate/4.0/x86_64/mozilla-firefox-sv_SE-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 464a604c992f8c6e6ac2e9b30deec767  corporate/4.0/x86_64/mozilla-firefox-tr-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n e893954f8e64d1e9d0750e22a5ec2eae  corporate/4.0/x86_64/mozilla-firefox-uk-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n 4e176083661abe3e461e43381659146e  corporate/4.0/x86_64/mozilla-firefox-zh_CN-2.0.0.12-0.1.20060mlcs4.x86_64.rpm\n b030162e1689f266f9d11d537546d50f  corporate/4.0/x86_64/mozilla-firefox-zh_TW-2.0.0.12-0.1.20060mlcs4.x86_64.rpm \n e9a3ebed36c203507377ceda77761c7f  corporate/4.0/SRPMS/mozilla-firefox-2.0.0.12-0.1.20060mlcs4.src.rpm\n 239d3534086a45aec6b748c8a392848d  corporate/4.0/SRPMS/mozilla-firefox-l10n-2.0.0.12-0.1.20060mlcs4.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.8 (GNU/Linux)\n\niD8DBQFHvzANmqjQ0CJFipgRAnAJAJ9WP5c754QfYoGIwYl7Q+g7bYtvkACgys8n\nLD1VivpQi4F20e4H0MamS58=\n=oe/t\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-0420"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001134"
          },
          {
            "db": "BID",
            "id": "27826"
          },
          {
            "db": "VULHUB",
            "id": "VHN-30545"
          },
          {
            "db": "PACKETSTORM",
            "id": "64423"
          },
          {
            "db": "PACKETSTORM",
            "id": "66555"
          },
          {
            "db": "PACKETSTORM",
            "id": "64196"
          },
          {
            "db": "PACKETSTORM",
            "id": "63399"
          },
          {
            "db": "PACKETSTORM",
            "id": "63954"
          }
        ],
        "trust": 2.43
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-30545",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-30545"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2008-0420",
            "trust": 3.3
          },
          {
            "db": "BID",
            "id": "27826",
            "trust": 2.8
          },
          {
            "db": "SECUNIA",
            "id": "28758",
            "trust": 2.5
          },
          {
            "db": "SECTRACK",
            "id": "1019434",
            "trust": 2.5
          },
          {
            "db": "SECUNIA",
            "id": "29167",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "29049",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "28839",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "29098",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "30327",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "30620",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-1793",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-0627",
            "trust": 1.7
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001134",
            "trust": 0.8
          },
          {
            "db": "GENTOO",
            "id": "GLSA-200805-18",
            "trust": 0.6
          },
          {
            "db": "BUGTRAQ",
            "id": "20080216 [HISPASEC] FIREFOX 2.0.0.11 AND OPERA 9.50 BETA REMOTE MEMORY INFORMATION LEAK, FIREFOX 2.0.0.11 REMOTE DENIAL OF SERVICE",
            "trust": 0.6
          },
          {
            "db": "UBUNTU",
            "id": "USN-582-2",
            "trust": 0.6
          },
          {
            "db": "UBUNTU",
            "id": "USN-576-1",
            "trust": 0.6
          },
          {
            "db": "UBUNTU",
            "id": "USN-582-1",
            "trust": 0.6
          },
          {
            "db": "XF",
            "id": "40491",
            "trust": 0.6
          },
          {
            "db": "XF",
            "id": "40606",
            "trust": 0.6
          },
          {
            "db": "SUNALERT",
            "id": "238492",
            "trust": 0.6
          },
          {
            "db": "MANDRIVA",
            "id": "MDVSA-2008:048",
            "trust": 0.6
          },
          {
            "db": "FEDORA",
            "id": "FEDORA-2008-2118",
            "trust": 0.6
          },
          {
            "db": "FEDORA",
            "id": "FEDORA-2008-2060",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200802-144",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "64423",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "64196",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-30545",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "66555",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "63399",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "63954",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-30545"
          },
          {
            "db": "BID",
            "id": "27826"
          },
          {
            "db": "PACKETSTORM",
            "id": "64423"
          },
          {
            "db": "PACKETSTORM",
            "id": "66555"
          },
          {
            "db": "PACKETSTORM",
            "id": "64196"
          },
          {
            "db": "PACKETSTORM",
            "id": "63399"
          },
          {
            "db": "PACKETSTORM",
            "id": "63954"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200802-144"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001134"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-0420"
          }
        ]
      },
      "id": "VAR-200802-0651",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-30545"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T22:52:34.099000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "msfa2008-07",
            "trust": 0.8,
            "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-07.html"
          },
          {
            "title": "msfa2008-07",
            "trust": 0.8,
            "url": "http://www.mozilla-japan.org/security/announce/2008/mfsa2008-07.html"
          },
          {
            "title": "RHSA-2008:0103",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2008-0103.html"
          },
          {
            "title": "RHSA-2008:0104",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2008-0104.html"
          },
          {
            "title": "RHSA-2008:0105",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2008-0105.html"
          },
          {
            "title": "238492",
            "trust": 0.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238492-1"
          },
          {
            "title": "TLSA-2008-9",
            "trust": 0.8,
            "url": "http://www.turbolinux.com/security/2008/TLSA-2008-9.txt"
          },
          {
            "title": "RHSA-2008:0103",
            "trust": 0.8,
            "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2008-0103J.html"
          },
          {
            "title": "RHSA-2008:0104",
            "trust": 0.8,
            "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2008-0104J.html"
          },
          {
            "title": "RHSA-2008:0105",
            "trust": 0.8,
            "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2008-0105J.html"
          },
          {
            "title": "TLSA-2008-9",
            "trust": 0.8,
            "url": "http://www.turbolinux.co.jp/security/2008/TLSA-2008-9j.txt"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001134"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-30545"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001134"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-0420"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.5,
            "url": "http://www.securityfocus.com/bid/27826"
          },
          {
            "trust": 2.5,
            "url": "http://securitytracker.com/id?1019434"
          },
          {
            "trust": 2.5,
            "url": "http://secunia.com/advisories/28758"
          },
          {
            "trust": 2.1,
            "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-07.html"
          },
          {
            "trust": 1.7,
            "url": "http://browser.netscape.com/releasenotes/"
          },
          {
            "trust": 1.7,
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=408076"
          },
          {
            "trust": 1.7,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-february/msg00905.html"
          },
          {
            "trust": 1.7,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-february/msg00946.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml"
          },
          {
            "trust": 1.7,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:048"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/28839"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/29049"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/29098"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/29167"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/30327"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/30620"
          },
          {
            "trust": 1.7,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1"
          },
          {
            "trust": 1.7,
            "url": "http://www.ubuntu.com/usn/usn-582-1"
          },
          {
            "trust": 1.7,
            "url": "http://www.ubuntu.com/usn/usn-582-2"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/488264/100/0/threaded"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10119"
          },
          {
            "trust": 1.1,
            "url": "https://usn.ubuntu.com/576-1/"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/0627/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/1793/references"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40606"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40491"
          },
          {
            "trust": 1.0,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0420"
          },
          {
            "trust": 0.8,
            "url": "http://www.frsirt.com/english/advisories/2008/0627"
          },
          {
            "trust": 0.8,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0420"
          },
          {
            "trust": 0.6,
            "url": "http://xforce.iss.net/xforce/xfdb/40606"
          },
          {
            "trust": 0.6,
            "url": "http://xforce.iss.net/xforce/xfdb/40491"
          },
          {
            "trust": 0.6,
            "url": "http://www.ubuntulinux.org/support/documentation/usn/usn-576-1"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/archive/1/archive/1/488264/100/0/threaded"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2008/1793/references"
          },
          {
            "trust": 0.6,
            "url": "http://www.frsirt.com/english/advisories/2008/0627/references"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0412"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0415"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0413"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0420"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0418"
          },
          {
            "trust": 0.3,
            "url": "http://www.opera.com/"
          },
          {
            "trust": 0.3,
            "url": "http://www.mozilla.com/en-us/"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/488264"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0105.html"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-238492-1"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0304"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0414"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0593"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0591"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0594"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0417"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0592"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0419"
          },
          {
            "trust": 0.2,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227.orig.tar.gz"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0413"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0415"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0592"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0591"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0416"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0593"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0417"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0412"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0414"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0594"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0419"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0418"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/bugs/197504"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.1.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.1.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.1.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1238"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0304"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4879"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1233"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0416"
          },
          {
            "trust": 0.1,
            "url": "http://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1235"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1237"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-4879"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1240"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1234"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1241"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1236"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1233"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1235"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1234"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1380"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-200805-18.xml"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.0_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dev_2.0.0.12+nobinonly-0ubuntu0.7.10.0_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.0_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.0_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.12+nobinonly-0ubuntu0.7.10.0_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dev_2.0.0.12+nobinonly-0ubuntu0.7.10.0_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.0_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.12+nobinonly-0ubuntu0.7.10.0_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.0_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.0_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.12+nobinonly-0ubuntu0.7.10.0.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.0.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.0_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.0_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.0_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.0_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.12+nobinonly-0ubuntu0.7.10.0.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.0_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.0_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.0.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dev_2.0.0.12+nobinonly-0ubuntu0.7.10.0_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.0_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.0_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dev_2.0.0.12+nobinonly-0ubuntu0.7.10.0_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.0_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.0_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.0_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.0_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.0_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.0_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.0_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.12+nobinonly-0ubuntu0.7.10.0_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.0.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.0_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.0_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.0_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.0_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.0_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.0.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.0_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.12+nobinonly-0ubuntu0.7.10.0_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.0_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/mozilla-thunderbird_2.0.0.12+nobinonly-0ubuntu0.7.10.0_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.0_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.0_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.0_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.0_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.0_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.0.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.0_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.0_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.0_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.0_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.12+nobinonly-0ubuntu0.7.10.0_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.12+nobinonly-0ubuntu0.7.10.0_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.12+nobinonly-0ubuntu0.7.10.0_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.0_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.0_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.12+nobinonly.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.0_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.12+nobinonly-0ubuntu0.7.10.0_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.0_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.0_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.0.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.0_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.0_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.0_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.0_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/mozilla-thunderbird-dev_2.0.0.12+nobinonly-0ubuntu0.7.10.0_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.0_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.0_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dom-inspector_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+1nobinonly+2-0ubuntu0.7.4.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+0nobinonly+2-0ubuntu0.6.10.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+1nobinonly+2-0ubuntu0.7.4.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080202a.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+0nobinonly+2-0ubuntu0.6.10.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dom-inspector_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+2nobinonly+2.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+1nobinonly+2.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-gnome-support_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+0nobinonly+2.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-gnome-support_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+2nobinonly+2-0ubuntu0.7.10.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+0nobinonly+2-0ubuntu0.6.10_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.12+2nobinonly+2-0ubuntu0.7.10_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.12+1nobinonly+2-0ubuntu0.7.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.12+2nobinonly+2-0ubuntu0.7.10.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.1,
            "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-04.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-02.html"
          },
          {
            "trust": 0.1,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/"
          },
          {
            "trust": 0.1,
            "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-05.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/advisories"
          },
          {
            "trust": 0.1,
            "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-09.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-06.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-03.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-01.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-08.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-10.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-11.html"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-30545"
          },
          {
            "db": "BID",
            "id": "27826"
          },
          {
            "db": "PACKETSTORM",
            "id": "64423"
          },
          {
            "db": "PACKETSTORM",
            "id": "66555"
          },
          {
            "db": "PACKETSTORM",
            "id": "64196"
          },
          {
            "db": "PACKETSTORM",
            "id": "63399"
          },
          {
            "db": "PACKETSTORM",
            "id": "63954"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200802-144"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001134"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-0420"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-30545",
            "ident": null
          },
          {
            "db": "BID",
            "id": "27826",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "64423",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "66555",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "64196",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "63399",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "63954",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200802-144",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001134",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2008-0420",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2008-02-12T00:00:00",
            "db": "VULHUB",
            "id": "VHN-30545",
            "ident": null
          },
          {
            "date": "2008-02-16T00:00:00",
            "db": "BID",
            "id": "27826",
            "ident": null
          },
          {
            "date": "2008-03-12T21:43:07",
            "db": "PACKETSTORM",
            "id": "64423",
            "ident": null
          },
          {
            "date": "2008-05-20T23:13:30",
            "db": "PACKETSTORM",
            "id": "66555",
            "ident": null
          },
          {
            "date": "2008-03-03T19:33:19",
            "db": "PACKETSTORM",
            "id": "64196",
            "ident": null
          },
          {
            "date": "2008-02-08T04:34:59",
            "db": "PACKETSTORM",
            "id": "63399",
            "ident": null
          },
          {
            "date": "2008-02-23T01:33:34",
            "db": "PACKETSTORM",
            "id": "63954",
            "ident": null
          },
          {
            "date": "2008-02-11T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200802-144",
            "ident": null
          },
          {
            "date": "2008-03-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001134",
            "ident": null
          },
          {
            "date": "2008-02-12T03:00:00",
            "db": "NVD",
            "id": "CVE-2008-0420",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2018-10-15T00:00:00",
            "db": "VULHUB",
            "id": "VHN-30545",
            "ident": null
          },
          {
            "date": "2015-05-07T17:01:00",
            "db": "BID",
            "id": "27826",
            "ident": null
          },
          {
            "date": "2008-11-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200802-144",
            "ident": null
          },
          {
            "date": "2008-06-23T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2008-001134",
            "ident": null
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2008-0420",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200802-144"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Mozilla Firefox/SeaMonkey Vulnerability in uninitialized memory being read",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2008-001134"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200802-144"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200901-0700

    Vulnerability from variot - Updated: 2026-04-10 22:52

    WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.The specific flaw exists in the handling of attr() functions in a CSS content object. When a large numerical value is passed as the argument to the attr() function, a memory corruption will occur which can be leveraged to execute arbitrary coder under the context of the current user. Safari is the web browser bundled by default in the Apple family machine operating system.

    This update provides a solution to this vulnerability. (CVE-2009-1687). (CVE-2009-1690). (CVE-2009-0689).

    The updated packages have been patched to correct these issues.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2702 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1687 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1725 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1690 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1698 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2537 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0945


    Updated Packages:

    Mandriva Linux 2009.1: c08161eacba6cdb1b0ba26babe5f8cc5 2009.1/i586/kdelibs4-core-4.2.4-0.8mdv2009.1.i586.rpm 933468cf4109252dac5119edd958f73d 2009.1/i586/kdelibs4-devel-4.2.4-0.8mdv2009.1.i586.rpm 96703a0ef0baf299647ff27d64cb0680 2009.1/i586/libkde3support4-4.2.4-0.8mdv2009.1.i586.rpm e5f60ba41e5919fa77c313b204e1f712 2009.1/i586/libkdecore5-4.2.4-0.8mdv2009.1.i586.rpm cf8af6e467cd1585c44e1cce01362526 2009.1/i586/libkdefakes5-4.2.4-0.8mdv2009.1.i586.rpm 1c9c04b5f6c0c59d2e5860b077e0c6e3 2009.1/i586/libkdesu5-4.2.4-0.8mdv2009.1.i586.rpm 89fe7c33c7e5bcc23595560ae4664bf6 2009.1/i586/libkdeui5-4.2.4-0.8mdv2009.1.i586.rpm 30b73ef58ac3a45ff86756ad09d0d555 2009.1/i586/libkdnssd4-4.2.4-0.8mdv2009.1.i586.rpm a1f00af00ea7e52d9f187f1fe5ccdfe2 2009.1/i586/libkfile4-4.2.4-0.8mdv2009.1.i586.rpm 553486988b945307ee038cb41dcb76e6 2009.1/i586/libkhtml5-4.2.4-0.8mdv2009.1.i586.rpm 9d9501ff70e709c5ea32b35aa985688a 2009.1/i586/libkimproxy4-4.2.4-0.8mdv2009.1.i586.rpm a2ec3f440eb6cf545abbc63a3d34c1e5 2009.1/i586/libkio5-4.2.4-0.8mdv2009.1.i586.rpm 4168e955b60a5a69d8f1e085b30d0424 2009.1/i586/libkjs4-4.2.4-0.8mdv2009.1.i586.rpm bfcece9c73348c6415c48ec266877908 2009.1/i586/libkjsapi4-4.2.4-0.8mdv2009.1.i586.rpm 228ca7dc2a86fdc868a5937b16a7a08c 2009.1/i586/libkjsembed4-4.2.4-0.8mdv2009.1.i586.rpm f6297ae0630eb6207895df9f2f971eb6 2009.1/i586/libkmediaplayer4-4.2.4-0.8mdv2009.1.i586.rpm cf6113c17858d5e6e3c0e04622f8a66c 2009.1/i586/libknewstuff2_4-4.2.4-0.8mdv2009.1.i586.rpm da55a2f428ad020834f7b91c0023ecf6 2009.1/i586/libknotifyconfig4-4.2.4-0.8mdv2009.1.i586.rpm 9fef466138ff78a3d6d3244998a9ba30 2009.1/i586/libkntlm4-4.2.4-0.8mdv2009.1.i586.rpm 4f7c0ad254ec1990f5dab1c0b959629d 2009.1/i586/libkparts4-4.2.4-0.8mdv2009.1.i586.rpm 8c58d6a9a6ec7fc21f287b2f4c2e9858 2009.1/i586/libkpty4-4.2.4-0.8mdv2009.1.i586.rpm 8ed500d050b95560d7eff6db26fa05ee 2009.1/i586/libkrosscore4-4.2.4-0.8mdv2009.1.i586.rpm 2d8d12d8a7bbfe18f6b04b9807795077 2009.1/i586/libkrossui4-4.2.4-0.8mdv2009.1.i586.rpm 8cc5c226e381b122983440b3440c1476 2009.1/i586/libktexteditor4-4.2.4-0.8mdv2009.1.i586.rpm 3c53941130fb8cc6d12b8cdea488f536 2009.1/i586/libkunittest4-4.2.4-0.8mdv2009.1.i586.rpm 3996bfcff0b2465c39c6ccdb8367f401 2009.1/i586/libkutils4-4.2.4-0.8mdv2009.1.i586.rpm 129a26ab20c792994113b5db00b7f7c4 2009.1/i586/libnepomuk4-4.2.4-0.8mdv2009.1.i586.rpm 0b88090e1cba0db59a3fb85c34e6b726 2009.1/i586/libplasma3-4.2.4-0.8mdv2009.1.i586.rpm 79b484a6c8e20db156fbe130c81e2001 2009.1/i586/libsolid4-4.2.4-0.8mdv2009.1.i586.rpm ddd09e03af15f421b2e38b6f06c0247a 2009.1/i586/libthreadweaver4-4.2.4-0.8mdv2009.1.i586.rpm fe70dc01416cc986d1e19c15a0b5cfa7 2009.1/SRPMS/kdelibs4-4.2.4-0.8mdv2009.1.src.rpm

    Mandriva Linux 2009.1/X86_64: 89f77418ccda86b51c7d32d011e88e9b 2009.1/x86_64/kdelibs4-core-4.2.4-0.8mdv2009.1.x86_64.rpm d0b009e595350648b12cca1ee094802e 2009.1/x86_64/kdelibs4-devel-4.2.4-0.8mdv2009.1.x86_64.rpm 03db494c356e0b0823ddf697d42c0f50 2009.1/x86_64/lib64kde3support4-4.2.4-0.8mdv2009.1.x86_64.rpm 6d98531ba95a096fd49801f7df452776 2009.1/x86_64/lib64kdecore5-4.2.4-0.8mdv2009.1.x86_64.rpm bf3845f586eeeaafab5e25442f4d8950 2009.1/x86_64/lib64kdefakes5-4.2.4-0.8mdv2009.1.x86_64.rpm b9767fb69262886d60a7844ad6569e27 2009.1/x86_64/lib64kdesu5-4.2.4-0.8mdv2009.1.x86_64.rpm d709c9fb8874c432d1b4e415e9c06858 2009.1/x86_64/lib64kdeui5-4.2.4-0.8mdv2009.1.x86_64.rpm 6d062780a7629eed7e93ab9e66daf633 2009.1/x86_64/lib64kdnssd4-4.2.4-0.8mdv2009.1.x86_64.rpm f39c44bc7572d06921061c0ac5ef78c9 2009.1/x86_64/lib64kfile4-4.2.4-0.8mdv2009.1.x86_64.rpm 90f8ecd4967830ebff3b81732162fe33 2009.1/x86_64/lib64khtml5-4.2.4-0.8mdv2009.1.x86_64.rpm 005d7de69a0063a8dc396b9dffdf20ed 2009.1/x86_64/lib64kimproxy4-4.2.4-0.8mdv2009.1.x86_64.rpm 3924d83bf43990f7a7ba5d2eea29ef5d 2009.1/x86_64/lib64kio5-4.2.4-0.8mdv2009.1.x86_64.rpm 9124f0ce5f1643e4310ef0bfc5fda970 2009.1/x86_64/lib64kjs4-4.2.4-0.8mdv2009.1.x86_64.rpm 573504d0c305e757b3c163b9132264e4 2009.1/x86_64/lib64kjsapi4-4.2.4-0.8mdv2009.1.x86_64.rpm 917e5b175a3a5480e848dee6201e99d9 2009.1/x86_64/lib64kjsembed4-4.2.4-0.8mdv2009.1.x86_64.rpm 604cce29c11b2452b2744ff72e248b7c 2009.1/x86_64/lib64kmediaplayer4-4.2.4-0.8mdv2009.1.x86_64.rpm bd75d3e4feaa98a3659ae5d113fe45f6 2009.1/x86_64/lib64knewstuff2_4-4.2.4-0.8mdv2009.1.x86_64.rpm 0a7d48b91c673f5908ce2d47a77746e2 2009.1/x86_64/lib64knotifyconfig4-4.2.4-0.8mdv2009.1.x86_64.rpm a91967cfec8b470cc7520ac17590d41b 2009.1/x86_64/lib64kntlm4-4.2.4-0.8mdv2009.1.x86_64.rpm 0159bb033c507f20fb8bd77a7a8be43a 2009.1/x86_64/lib64kparts4-4.2.4-0.8mdv2009.1.x86_64.rpm a062d0124cdea9dfcafb82ed2c5dfd54 2009.1/x86_64/lib64kpty4-4.2.4-0.8mdv2009.1.x86_64.rpm 8c0950479a23531a03836f7744d6b90d 2009.1/x86_64/lib64krosscore4-4.2.4-0.8mdv2009.1.x86_64.rpm ca61efacf989bd4421d2c88abc440e3f 2009.1/x86_64/lib64krossui4-4.2.4-0.8mdv2009.1.x86_64.rpm bcd31e87995de0f86ad9c363e87ea0d4 2009.1/x86_64/lib64ktexteditor4-4.2.4-0.8mdv2009.1.x86_64.rpm 23a0f2c640a20dd1be2b4475a9102cd6 2009.1/x86_64/lib64kunittest4-4.2.4-0.8mdv2009.1.x86_64.rpm e49987a6d8016b6ac39011b6cac0b570 2009.1/x86_64/lib64kutils4-4.2.4-0.8mdv2009.1.x86_64.rpm 90d6806fa9dcd2ac1b71fc3b72dd4f81 2009.1/x86_64/lib64nepomuk4-4.2.4-0.8mdv2009.1.x86_64.rpm 4808080c578223d0bcb156e78f5d661f 2009.1/x86_64/lib64plasma3-4.2.4-0.8mdv2009.1.x86_64.rpm e8cecb137634dfc738617b67a6d34122 2009.1/x86_64/lib64solid4-4.2.4-0.8mdv2009.1.x86_64.rpm 35c8778eaaa5465a8f15c27a57d8ed60 2009.1/x86_64/lib64threadweaver4-4.2.4-0.8mdv2009.1.x86_64.rpm fe70dc01416cc986d1e19c15a0b5cfa7 2009.1/SRPMS/kdelibs4-4.2.4-0.8mdv2009.1.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. ZDI-09-032: Apple WebKit attr() Invalid Attribute Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-032 June 8, 2009

    -- CVE ID: CVE-2009-1698

    -- Affected Vendors: Apple

    -- Affected Products: Apple Safari

    -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 8043.

    -- Vendor Response: Apple has issued an update to correct this vulnerability. More details can be found at:

    http://support.apple.com/kb/HT3613

    -- Disclosure Timeline: 2009-03-26 - Vulnerability reported to vendor 2009-06-08 - Coordinated public release of advisory

    -- Credit: This vulnerability was discovered by: * Thierry Zoller

    -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.

    Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:

    http://www.zerodayinitiative.com
    

    The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.

    Our vulnerability disclosure policy is available online at:

    http://www.zerodayinitiative.com/advisories/disclosure_policy/
    

    . =========================================================== Ubuntu Security Notice USN-857-1 November 10, 2009 qt4-x11 vulnerabilities CVE-2009-0945, CVE-2009-1687, CVE-2009-1690, CVE-2009-1698, CVE-2009-1699, CVE-2009-1711, CVE-2009-1712, CVE-2009-1713, CVE-2009-1725 ===========================================================

    A security issue affects the following Ubuntu releases:

    Ubuntu 8.10 Ubuntu 9.04

    This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

    The problem can be corrected by upgrading your system to the following package versions:

    Ubuntu 8.10: libqt4-webkit 4.4.3-0ubuntu1.4

    Ubuntu 9.04: libqt4-webkit 4.5.0-0ubuntu4.3

    After a standard system upgrade you need to restart your session to effect the necessary changes.

    Details follow:

    It was discovered that QtWebKit did not properly handle certain SVGPathList data structures. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-0945)

    Several flaws were discovered in the QtWebKit browser and JavaScript engines. (CVE-2009-1687, CVE-2009-1690, CVE-2009-1698, CVE-2009-1711, CVE-2009-1725)

    It was discovered that QtWebKit did not properly handle certain XSL stylesheets. (CVE-2009-1699, CVE-2009-1713)

    It was discovered that QtWebKit did not prevent the loading of local Java applets. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-1712)

    Updated packages for Ubuntu 8.10:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-x11_4.4.3-0ubuntu1.4.diff.gz
      Size/MD5:   116770 f73a330179df7d453f50b286ea3a2c7a
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-x11_4.4.3-0ubuntu1.4.dsc
      Size/MD5:     2506 711cb90dfd206bd6553dbe0fb8ecd1e2
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-x11_4.4.3.orig.tar.gz
      Size/MD5: 112939803 376c003317c4417326ba2116370227d0
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-doc-html_4.4.3-0ubuntu1.4_all.deb
      Size/MD5: 25758932 0b783fa95d4d41487e58d43823806355
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-doc_4.4.3-0ubuntu1.4_all.deb
      Size/MD5: 52821772 7d1f3762baf09178176e99e41a502a2b
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-assistant_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:    19104 bdc4880e85e007e64d6c5fe8c7c1d81e
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-core_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:     7560 b65d2d20cdac05a7e8a04c7b51bc6417
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbg_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5: 87571534 73643e89deb481e7a42785d6c65b4594
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbus_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:   216798 85994fe5c3b286b137ec4f8f3ed9d55a
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-designer_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:  2046478 9f4f973c93c20f88838b3b0e48548c75
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dev_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:  5880176 87946243b9f91e6421a8275417bbecd5
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-gui_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:     7548 df209948939090506a2f3315aa8bb63a
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-help_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:   213524 556f130d7e1c1ec8f3c427888715807a
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-network_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:   432962 a8f5b6db939fd74616b7e666d32dbcbb
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:    42350 6281fc06f2395d8462c2fd30ea3f1883
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:   162238 3379fc614bd58cc9647b8c40782a45f3
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-qt3support_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:  1352676 528c9e209ba652d994292fbfb461cb60
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-script_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:   435712 af2919097110286db882cba8c40958e1
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:    34384 438d61efc4b1ec7af46ff7aaf15b9a8c
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:    47234 692ccc3fdd023fa61b1646b3a1073e29
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-psql_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:    39112 cf94d41a0a91e71d3e6a7905705020c8
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:    22452 4a020d5b8e2ff02532af056a6765af52
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:    26432 5492f45d25d4dfb271318f662db0e50c
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:   109136 0bde853eb0fef921984e5b9b24695a65
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-svg_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:   160746 b8a19545836d673dda2d1cad49901e5b
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-test_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:    38064 61ee9cd2c51286c698ba738fbd8e4d13
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5: 53511494 25179f43545ee4f15fa70ff1c4211c66
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:  3427782 f3c50589e42291ac643390b3b5056ad3
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xml_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:   114482 7858ea28ed0ae9e48ebe2d5ebca219ab
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5: 13447008 3b146e17a13acfa50bfa6759232821e1
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:   805718 d14b956e7b2c494ef5e359dff2bdb8fd
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtcore4_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:  2094928 fad1c4be4f9242977cbb6c191ec19f09
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtgui4_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:  4249322 cefb0f909b1913edd97aae55a4ef09c0
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-demos_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5: 10502594 4af5ca52a2316f9290d0a99bd1683127
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-designer_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:   386118 35fd3567e5eaf2ecaefab37fe3f21701
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-dev-tools_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:  1507998 8254b4ed13728d957ebf41f74d391c6b
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-qtconfig_4.4.3-0ubuntu1.4_amd64.deb
      Size/MD5:   110220 8e379f1af97edacc7f40037fa342af7b
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-assistant_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:    19202 2303fd6083a47fe5b85ee1e46ff1ff7c
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-core_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:     7556 30aabb9f249114d86f823795f7e621ff
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbg_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5: 86379828 eb07fdc2dcecb0f26707148362bb70ce
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbus_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:   216268 96e19c8dc017357682acac62896c5b40
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-designer_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:  2072946 2fc1d9101e2132e43161e2fb600f886a
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dev_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:  5705332 24d5a30fd21ecae4ca3d5bf570b8347d
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-gui_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:     7548 527eb6b3bc6fc6fa3d7a4d26c967c919
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-help_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:   212706 7bb944917c1fb9be6ce6b1cd056afca1
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-network_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:   437368 f086dacfa27998d93fd8f093b0bacce3
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:    42348 a2427fa3317fe01341ebe66ee3388c47
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:   161130 2c4ebc05d22e3299359b9c64bcb8c3fd
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-qt3support_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:  1366348 68fef30b16caa835cd6330eec7c5c346
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-script_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:   420458 ac91fb37161830ba3e0fd4b884639afd
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:    33724 868ace8cd8b514b367db48a95217035e
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:    47056 c918217593ebc473fc3d050285bec49d
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-psql_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:    38336 650d40a12071e2a04316edc5860788d1
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:    22002 9087daddd7762b1df7a4b9df34166521
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:    25898 06bcb1cfcb2df47e758bb89946f9aac6
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:   108838 3f80ec6192ebdfd8807450a8aeac928a
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-svg_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:   158310 24cf265a2f29818beb73709197bef2c3
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-test_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:    37122 b536ef0ebc0dcfa6167cd4285e2ec19d
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5: 53126238 bc4c62409883fd6034f07baf1a765853
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:  3241850 27d0122caabe919c984b0ff1f59334f9
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xml_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:   112012 130f929f42286ce4927feb7f3dbd8d18
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5: 13302092 2deee7794c76d799c789a56c38147d8a
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:   758112 980c7e2f807f29c95ef51feee1bd6f87
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtcore4_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:  2086300 e1d521ac4ef50e82235b61b0b0309c2a
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtgui4_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:  4285842 f79cbd461f5986a686e35b77e8838c7c
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-demos_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5: 10346058 cd6b5dd99cc2496e60f65303a4d861e7
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-designer_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:   377632 0adfcc3c280368f734658d611c7f0c69
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-dev-tools_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:  1487606 2f2e1e5f10fb8a9bbd94c647ae355135
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-qtconfig_4.4.3-0ubuntu1.4_i386.deb
      Size/MD5:   109322 661b18bee424dcc2a108e960dbe51188
    

    lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-assistant_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:    19118 975962361f82c04fe938397d732d5679
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-core_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:     7556 5e9705e3675d4882a9040da75d934db7
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbg_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5: 86616234 5f8f6362ef3e45674f8c1480933f4714
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbus_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:   218292 d89f63624713a3e9f34a7622fd754830
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-designer_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:  2075540 088236f1cb51516af7efb07eb9e859a5
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:  5791558 693f36209c7728b4da4b3e2a310a2730
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-gui_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:     7546 765882dd4710771b9f01801c34173f17
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-help_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:   215380 3000fb6b96014944c85f69d9be1e9314
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-network_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:   439662 ca410c727f89f68f88ed7c32f08c7496
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:    42346 d8670500e205ba66ca588d2020eb6e9b
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:   163154 044e27e36b057295b8312b3326bb6d70
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-qt3support_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:  1369342 9945efb11009af3f7f875f4aa70c7fd1
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-script_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:   429370 47ffb00ebb1918ae6b638872a76412b4
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:    34006 b11c44e3a7e1d5ba2277e981de8928d5
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:    47638 803c079d0a531b0a84043fc1f7c87d58
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-psql_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:    38608 054c5fa2ddbd80efd168dc072e951e0e
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:    21992 ca7ada6adc17a99b713920b6452b2f87
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:    25962 547542c994e3777e900287da869be0e7
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:   108930 48566fe567ab5e3ae14185608cc5bd3a
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-svg_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:   159630 48eb3c78b4c28d745ef6862e9f5cac17
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-test_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:    37444 695be042708d936061c289d78c86cd77
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5: 53250108 4e06206559a3470bad0730e8aec7e615
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:  3227648 acbd67fa1648ca9ad1e10f021e66f8d2
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xml_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:   110938 bae7d2f0c2c13b33123357102f19cba7
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5: 13316918 c5c409330384ba74489646dabbe9e1a8
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:   749270 375901cd31337ffcce0677bef73b8e2b
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtcore4_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:  2086296 46b733dc7e08126af4b343287396b051
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtgui4_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:  4299788 efc7837ecb1aff0917414f020f4f7710
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5: 10380362 ee64ccc2462a1767363119ab130f86fb
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-designer_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:   382986 c5c48c0dc497b68bd661eea92b5678b8
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:  1501518 06d78b9cb426e70bc1823f755b47cb16
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qtconfig_4.4.3-0ubuntu1.4_lpia.deb
      Size/MD5:   111312 2d5f5829685d661dc3b7408c99233f57
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-assistant_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:    21316 45b1ea5b5050b2c0c876872af540089a
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-core_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:     7562 4dea3a46b67dca117f5c8924389b90ef
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbg_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5: 90621650 d41925c8e7b667daed298626937652ab
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbus_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:   226524 48a6eaf02c23089cdf5271b81386ac8c
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-designer_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:  2127276 685f37c1fdc371cfac83711b1dcbe425
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:  5876318 f9777dc66d06e8a241a1a08171eca1ce
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-gui_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:     7546 446de6e1e94e17f515641bd91bc34e0f
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-help_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:   221776 ed54fe99be13d94c994a8dc27a16d0e5
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-network_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:   459056 586952d7ae2b7729d95db536f40b87b1
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:    42336 2d51e9ef35064b75b94ff171ca51cbd0
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:   173132 a8dce02d86a0341b4e73830baa2ff6ae
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-qt3support_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:  1435512 9fe6abc1dbc92dba076b088154406ae2
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-script_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:   438202 72b3f451ee05252b81ff73fa22071b71
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:    36940 2ff0cfbae3265612c7bfe005333dee20
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:    49810 f6ba70b43ec1b6e504b047dad346eb25
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-psql_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:    41498 9d558baba4e4fbae203a9f72c1c8c150
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:    24746 af57d713a5d1e216e350dc70ff7e76e0
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:    28826 709982084d93ca6f9eca9e8554cac7ee
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:   117160 56cb8f90e619174bde6f8da70d7deb21
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-svg_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:   172392 9598ce1608394ee2888309a6d2c4c943
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-test_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:    41680 5cd082858ca6bf4ed2c67556508ff8d5
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5: 55519220 92115cc894051fa7bdb29eb6a2f8f088
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:  3486770 24e725bf0c47a1108692f4bdd46d23fd
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xml_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:   121160 944ca0755f1b8057c286f6d3c2e1f8ec
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5: 14047876 e1523a10c866ca8dc124947a25aeb34c
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:   835254 d7dda3b37da92ca6cba70f941964a371
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtcore4_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:  2188324 66bd658c0d8f80205ce8aa741a5c25d6
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtgui4_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:  4537294 211ff93e7c8e41ee2881baec57f87b32
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5: 10999204 84090af5c87a89d7d696d00baaf87493
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-designer_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:   391756 7ebc072d2a2750262bb6cb1587c5505d
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:  1530908 3fe67007771638ba35c2935a3432d1e6
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qtconfig_4.4.3-0ubuntu1.4_powerpc.deb
      Size/MD5:   111696 1a4f101db96d252c9a93b23f9c20f1fe
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-assistant_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:    19006 53bc0f17fdc2e7e10938a259b30710c3
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-core_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:     7560 3b86547b62162ec391f7945b0a71bbea
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbg_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5: 86584472 1490ec1af2900f0515fadf3d10b1c8b1
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbus_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:   214836 b52c445f198c5d4c2fef5d0110862ed3
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-designer_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:  2082186 a59e474cf1aea5faa97d3c2f38b79768
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:  5813064 0b29c127800c828ad782ea08f9869b95
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-gui_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:     7548 9784e2fd6bad6b99dec68f28bf95c013
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-help_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:   221416 98421a8a2735b28ec69a79dcb12bc36a
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-network_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:   434660 08d518f50779ab7696a49d5789983d08
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:    42328 c483fc06c701a311895a8f912594d0ce
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:   162370 6a1a2f6940287071f83b69dd0a2074ff
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-qt3support_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:  1351514 4971ee99b0763cdb1b95a350ca97b725
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-script_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:   427020 65ee12f6a206cad658d7b4b51cac1c36
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:    33654 125d67bc7a3343e16141209ae295f51b
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:    46336 97bf93bcf238fb612b6db5254e72bf4e
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-psql_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:    38482 3e45668f681c73fe5b2f487e76af92bd
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:    21700 6ee8cccd7f120782d7ae07d799adea37
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:    25726 14c6e1834745ecf8c24d215bacc7273b
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:   109626 46c957419dcf1328dc6e625f5044e087
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-svg_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:   157736 a15b042b86fd9af64e5818867a7bc971
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-test_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:    36972 2e4f695e58caf79d93f7f929a3f5154a
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5: 54818118 ca0d50eb86ac4c4ed69bbfaac082b78d
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:  3678126 639241e858bdf4bb280b8c9e24b945e8
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xml_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:   114956 a7d5d4e9c6eb7a28d607a40b72563279
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5: 13545692 049544460c82e22450aee8e5d9db6110
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:  1029752 3fefe6c4a287a6a59acf2494882e8757
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtcore4_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:  2101436 2589e4a81b28459d1e1b9002b5402674
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtgui4_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:  4283628 d2ed704202357f329e22cf5995f62651
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5: 10561886 6cb80130934f4dc83f3449c788251372
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-designer_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:   393816 50f8e31568a792c275dfb5dbbb75d2ab
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:  1542060 e2e1180c629e4d08a56c506b482e2ca3
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qtconfig_4.4.3-0ubuntu1.4_sparc.deb
      Size/MD5:   113046 ca0bdbedc0b649fc9745a9c356c2f6e3
    

    Updated packages for Ubuntu 9.04:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-x11_4.5.0-0ubuntu4.3.diff.gz
      Size/MD5:   113724 cf59da7b0c09550ff78b6164e87ee131
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-x11_4.5.0-0ubuntu4.3.dsc
      Size/MD5:     2606 d75ba3f2a8b7a0fc5f17a6d013fd3466
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-x11_4.5.0.orig.tar.gz
      Size/MD5: 125349021 ffbb1aaea2d538df7ec7694cd68750df
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-doc-html_4.5.0-0ubuntu4.3_all.deb
      Size/MD5: 24035224 db61f130680cbfecaee7b2076d9b5b4b
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-doc_4.5.0-0ubuntu4.3_all.deb
      Size/MD5: 51777244 2c5967ae92de35d935f22bb8cefdb7fb
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-assistant_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:    11622 737452fbf1eb644732601da4afe86d56
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-core_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:     2310 4ab7edba7c683c4cd436ca6f6e43cc07
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbg_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5: 49977848 5a39a981a5a46f5b9833856aa8bd75ab
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbus_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:   175462 33f715129fcbb8fe17cbf233afdd2735
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-designer_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:  1798666 b0abe77a5b60e101b8a4f796cee35b9d
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dev-dbg_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:  6442006 3ec2ed8e896375977496d8aaba00fc0f
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dev_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:  2442216 55bcb4ba4d60f160adee52790f282bf5
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-gui_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:     2300 b0ee4bbf483c8037799882f47a9ec95b
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-help_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:   169046 f5cec0a5df796752c97289a7599a547f
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-network_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:   379932 4a675e3de3c9ffeda60720b389dded9b
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl-dev_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:    31006 6e065ba12e303945dfd4969c7b0e6108
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:   150338 1389003b28ca5f92e5bb8c9577a36fbb
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-qt3support_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:  1033060 00e3845cefc2c24d676c64215cd3c1a4
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-script_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:   349792 3a0b31c3ad9667c03ecd37efc863e27c
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-scripttools_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:   216816 66d2b7a90f14393d259bf12068f44a0a
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-mysql_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:    24020 787039fb8afe166961e56b21020c45c4
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-odbc_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:    38326 8363daf729bf199a14566ed0054cb110
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-psql_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:    27504 cb2ea2f84ea939edcf662024a81187bf
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:    14198 087d5a3f0143d20d87b346e1ef04b2e6
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:    17152 4ec3302c7e7b40f41f276883eb1f9cf1
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:    85832 94f0d14fcfc19c8dfd1a36a29a2d5825
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-svg_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:   129138 a32e5231e108b2f1c869b3631fc98dfe
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-test_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:    41274 4450aea1e1c1078de1d6d43a77d80ef4
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5: 58479264 76487ff20906b41662cacb4cd8c4eedc
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:  3635668 5d869921403fc9d4e1994b81b92ef122
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xml_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:    87132 e9da8588cdb3f8995cb440d172f39a56
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:  5521678 207d3c7382e7f7dab949b4761c819b67
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:   653750 302a9fd3b69b1d41b8e65cd00a4a38b7
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtcore4_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:  1490876 a5d562105e8c1d6f14e6c9e38f2f7c1f
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtgui4_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:  3589934 59404b3094771d8d30fa4085456661b4
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-demos-dbg_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5: 24216220 10b8cd267a0d68a7a2a08327e1db059a
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-demos_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:  5480184 36ccc9b88e638cf13f3cfce9610d778b
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-designer_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:   247710 0021d694f10622ef0faac30d8f05ed6a
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-dev-tools-dbg_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:  6913490 044d9347469b06b3b5c9a52708fb22d6
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-dev-tools_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:  1826192 35ab7279b9e9fe1e93d8c754e0a53f73
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-qmake_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:  1301118 10986e4c5ec819a976b7e49161939a16
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-qtconfig_4.5.0-0ubuntu4.3_amd64.deb
      Size/MD5:    81282 14ffbbbb5b74a10ff0337d6a08fac291
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-assistant_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:    11598 8db87ef71449e31c1ab389e26e305793
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-core_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:     2314 ed908ab64c8ddc432935230e227df32c
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbg_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5: 48872540 78c072e9fc494fedd3e56ba2e6c5b14f
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbus_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:   175422 3d97854e70da9c80dd6187a43c273da2
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-designer_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:  1821098 5c0b22bf30f5c0ad3e8e9c35fa29241d
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dev-dbg_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:  6222664 8dc2d38b512ae20cf6c0e48f35446e55
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dev_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:  2426558 bd753136ff81b7879b6d26bd5e6ccbeb
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-gui_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:     2302 96334f4e93762dd1a28ce34f6b6855dd
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-help_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:   170522 4f124c0feff569d3a7aaf7a537fa5ede
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-network_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:   386636 39614ce0a48380ec9c9b82b52d46fc48
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl-dev_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:    31006 b8e6ffba684bb6aecfe7cf547d069591
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:   150268 fd9fc1d937cc2186a241085727f69e45
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-qt3support_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:  1047674 917768ee99ad30e46d8ea162ba2a55a0
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-script_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:   345124 783e3146d1d15e7e4b56177c2551dc8c
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-scripttools_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:   219532 dd4402ef905fe36edc219977b8b56522
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-mysql_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:    23490 e3ae808d9546d39b318f2032a3efb2ed
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-odbc_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:    38370 c3912b46f9819db92995814578905aaa
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-psql_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:    26944 6942237ccbe925f91da83a58d80257dc
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:    13910 24fd6fdd62a853df103ccc5eb23f3ae9
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:    16950 224500aeec4ee6c0bda83f1979f556b7
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:    85482 35f8861a0f387877d757af2a4bcb74fb
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-svg_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:   127134 74b396cfbdfd52fc01a5b44feafddf40
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-test_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:    40384 850f651e7b3692dd8f0359e1f6fa9912
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5: 59567434 bbf0c15e2947f809171025aecd169bf2
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:  3642492 ccd71c16c7d07bd4883700a95a7e310d
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xml_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:    85662 fc005d23610c7815031ccf67e44d57c2
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:  5446004 9ceeb69be14e99aa371c34c48e0dd8e1
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:   631616 58a2c5664efbc4969e273be8d3e51cb2
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtcore4_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:  1495212 280e8771adeb6e48a31c1c00c65d097d
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtgui4_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:  3638476 617f09457809107814b139fdaa11b2cd
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-demos-dbg_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5: 23695874 19d12080a314954ef6184589c6e6ef64
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-demos_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:  5411704 8ffd319dca0814ec7bf90e392c79d75c
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-designer_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:   242498 cf300d706f60b14c9bdb26d38dfca4fc
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-dev-tools-dbg_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:  6733760 802cb485899ba1684255b4189383e2a2
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-dev-tools_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:  1801834 c95b326cd5047777a9b62cf96b842dfc
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-qmake_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:  1275490 744e112dc6d57749d4e7c66043162d48
    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-qtconfig_4.5.0-0ubuntu4.3_i386.deb
      Size/MD5:    80198 e4025eafa9ef6f848712cbb5d305da0b
    

    lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-assistant_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:    11586 35392a8aec66b9f6a80a3f37989a3e84
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-core_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:     2310 bba9237a24419b96e34626f301cb53a1
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbg_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5: 49102028 35a51944c0b80faa25212c2e5d42af3a
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbus_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:   179254 4dad09ed33bbf71e210fe99628eb8e5d
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-designer_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:  1845654 a3ccab02027a27ab368b4d76961f44d8
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev-dbg_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:  6301482 e970557325b93c7d3c82fc04e051ad5c
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:  2460502 bd49c126c36b95c63b6356728557cdbb
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-gui_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:     2300 24c70a2289d01c6f1a675f18bd83fb0d
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-help_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:   174932 e0b29a559a038c9e52d450d3063ae1c3
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-network_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:   392598 cd76e9d7fbb3946eed667e73ff44350d
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl-dev_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:    31002 85d63a39a01b18e425b60aa7f70fce23
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:   154532 5d40f8b45c5cc367eb56e35680b3f81d
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-qt3support_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:  1063636 29e972e6c664c9d7f49f6ecb57b7249e
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-script_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:   349202 6e483f50400f9bb3322d12d4cd2088a8
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-scripttools_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:   221612 f5cf566f6fae3460c4ffe038a2ca45eb
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-mysql_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:    23800 a5e1ba153e219d5de887ab2f4c331724
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-odbc_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:    39248 e2a9bf4f5860c536b5f6bb2dd36080ff
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-psql_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:    27270 6757ef004282dbcb41911519832e665c
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:    13914 60e0b2ff89e2fcb170a9bad22fa5a426
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:    17028 dc8248f423afcf49684aff36461b1928
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:    86128 0013e3a3d503cd8930215ced2bb7e781
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-svg_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:   129896 502e1b866f8b4c93557ccfe37cf84ffd
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-test_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:    40860 42258f710eafde8ba98cf0d70ed62bbe
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5: 59829124 f5e6ca21fab5632def632f1980d72968
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:  3663718 3c60d09c9701b8583ee9b3ea63df1e09
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xml_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:    85456 f4cd1db01939e7bea4cf1a14350318d0
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:  5462674 73f928cbc1e2ab2a8b0cb35750e33363
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:   635968 2ba32c9934c37fb858ef293861296660
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtcore4_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:  1503558 71a10407ee8e2b0d8faca71803516543
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtgui4_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:  3703968 70254633149e0177b8f40306e1c40119
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos-dbg_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5: 23831210 a47cc662c799d56d39a098a55c7ff860
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:  5460356 d0f2731a66583fca365275b4bf15bd43
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-designer_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:   247224 45221df9fac6b935e70f3d49f1641ec3
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools-dbg_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:  6766074 699d8557725cbc1d98b3facf908aa1af
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:  1843474 1c07f5258466db532f77d046fc0464b4
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qmake_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:  1316972 524683da13e66e47fa34a6ddb7067473
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qtconfig_4.5.0-0ubuntu4.3_lpia.deb
      Size/MD5:    82774 b3f8e382739f03da9cb94626a2f5211f
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-assistant_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:    12608 f70d7f88f98c710f00b8dec826a14945
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-core_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:     2312 fc55af80a812eb5ffbf75ec3a7ee62aa
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbg_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5: 48136850 2863a8886de595c43068283ff45beb90
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbus_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:   163234 3d9febce56214962ba436358228df2d4
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-designer_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:  1623414 d8dcdedae518133907c850aa8230bf56
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev-dbg_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:  6172098 8d8f8518ff54c90933966fe61729c7dd
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:  2264658 67bb52a5f6d6b60300adfb85423c76ac
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-gui_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:     2304 30e86f2760dac7fd3f47c476447bd941
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-help_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:   157492 6739e773252eb1cd70806bdb96665439
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-network_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:   360428 215dd6ef03babb6a638c45781bb26af2
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl-dev_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:    30994 4b457917bdeb91ba6cfcc02d9e0f1e77
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:   148258 ebf113910c60bf1e199cd0e76f8b3115
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-qt3support_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:   957976 4d49fb9926a4219667b31b76fb75f58e
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-script_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:   313972 4def22b0b2bf687f3d2f6a2f669230d5
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-scripttools_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:   203240 d56786ea920eb436f4ccbef49260eb4a
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-mysql_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:    24312 b935bc753bd5ffdc7c97e542e55e0e6d
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-odbc_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:    36972 a4079076c4edf8f0f2cd22be7866f2f6
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-psql_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:    27426 b36d025e2cf5335c15f6ee7d2314cf9e
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:    15134 3be81591afc0f3e5614d582a982e17e7
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:    18100 dffa427f519211a592132e1d2a5a48e7
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:    83246 0c963279944d17e32d467758e84728ec
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-svg_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:   124342 f21e4e8d73ec525468ac0265c1c6ed3e
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-test_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:    40800 721a48d0c19c7036ec6f7f3e8a1796e4
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5: 56672370 a1b88f4ee8294b49ebaab9ddd5fcf2df
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:  3283702 f46252f44921409a43fa89af3a5b7e6f
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xml_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:    83654 02ea31ab550db40086f5419daeb8bc24
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:  5444754 86c71dabb153ac371a3a878a5bfa017f
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:   582304 4ef1ec5872ab6fb0cfc33aef011dd051
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtcore4_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:  1431880 fd055110524b4102c88431c9a094b6d5
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtgui4_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:  3356692 414febb0dcdc2224bbc4d322bf071471
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos-dbg_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5: 23665304 69d7736174682533b91910e9e9c4e221
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:  5394298 4f88263c866b42b011ac6f70b999aa63
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-designer_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:   234970 a30574534ddc200af008c4aef6f830c9
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools-dbg_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:  6719304 be9f1a32584792b598c76560e7d4a75b
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:  1681322 40d865a463a5d25a076bf6f55af65b90
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qmake_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:  1135018 91e9ded3076f1f141d29895358b062fa
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qtconfig_4.5.0-0ubuntu4.3_powerpc.deb
      Size/MD5:    76466 1c75a4de6f3f7a61c41dc97c1ed3bc56
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-assistant_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:    10942 a7a4483b64af47318cdabbde9976a65b
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-core_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:     2308 b0258f54da89aeda6b40cd6798e6f3ec
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbg_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5: 45231402 d00aea2071e583a895b6a89ff0234e12
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbus_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:   151694 be8ca9b3ee9a1d47a98867c0aba4160e
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-designer_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:  1577576 93f34052ac88e45426f7e45a9c12d206
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev-dbg_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:  5656966 83e7d65e9aa03882c9a0e20605230a69
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:  2225980 eac4944686a27b18f3d0e3a0dbfacc17
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-gui_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:     2302 c318da351836628e9c671eae39dafa9a
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-help_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:   151930 3adca0e45ff6ad23b8258a6717e645cb
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-network_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:   339444 4bf57591f2c0cc91b69ec0dd1ad0fd30
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl-dev_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:    30998 80ecbcd1452055000371a473d8d5fcf5
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:   132308 d31962f23a576d6ed29b81d92107d353
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-qt3support_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:   895788 305fff66ad3943d35384fcb245391228
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-script_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:   287534 0b5d15fd5302e8430dedad0a002a2503
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-scripttools_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:   195514 8073d183a54598751563df5efe14f135
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-mysql_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:    21426 a8e378abcf5f61aa9085346481b2c7e0
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-odbc_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:    31290 d18c888585cfc914c046777d61de2189
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-psql_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:    24464 1a69a86a46673d987ccd6d85f578ee0e
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:    12748 5538aadc52d0481f0512e2d87289dc15
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:    15496 27b6dde8f85dda5c9bdaa7c165b639b4
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:    75964 31c5dbb4d87a23faa146d7224df6fa02
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-svg_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:   109566 79711b8ffb0fb8ea2afa7582375449d4
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-test_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:    36522 c2f8d5c388c435d666a7339ecf4829df
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5: 56966338 c120bb1bb4e2edde9bd6349db63bc76a
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:  3409284 28669d24488ef04d5bca9220839f7767
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xml_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:    76352 70dd584dc3c8c9964b427ce0ed3fe5a6
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:  5165042 73f9ba9346195ffacf82f84d1ba44c03
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:   660376 90e3f41308b8bb4188314c4ec57069a0
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtcore4_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:  1352448 0661edc6b955441c5feeb681fe740831
    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtgui4_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:  3175982 7a704629253865d41165a33e60a57763
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos-dbg_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5: 22594146 b071a350741d3c8ee3094c887839108e
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:  5333208 d0538ce1add58ae9eb2709a28aace8bd
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-designer_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:   233350 bc5b53dfcba69468f73eabd6988a3a62
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools-dbg_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:  6177274 233d55a34a9c290561f714970196859a
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:  1678528 27d97ffe2e9c93cf2412004d03a793fe
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qmake_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:  1093456 20100354350ea3a0150400a593fbb401
    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qtconfig_4.5.0-0ubuntu4.3_sparc.deb
      Size/MD5:    76636 6aa6be976ebfa14c11ef8ae811cfb711
    

    . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


    Debian Security Advisory DSA-1950 security@debian.org http://www.debian.org/security/ Giuseppe Iuculano December 12, 2009 http://www.debian.org/security/faq


    Package : webkit Vulnerability : several Problem type : remote (local) Debian-specific: no CVE Id : CVE-2009-0945 CVE-2009-1687 CVE-2009-1690 CVE-2009-1698 CVE-2009-1711 CVE-2009-1712 CVE-2009-1725 CVE-2009-1714 CVE-2009-1710 CVE-2009-1697 CVE-2009-1695 CVE-2009-1693 CVE-2009-1694 CVE-2009-1681 CVE-2009-1684 CVE-2009-1692 Debian Bug : 532724 532725 534946 535793 538346

    Several vulnerabilities have been discovered in webkit, a Web content engine library for Gtk+. The Common Vulnerabilities and Exposures project identifies the following problems:

    CVE-2009-0945

    Array index error in the insertItemBefore method in WebKit, allows remote attackers to execute arbitrary code via a document with a SVGPathList data structure containing a negative index in the SVGTransformList, SVGStringList, SVGNumberList, SVGPathSegList, SVGPointList, or SVGLengthList SVGList object, which triggers memory corruption.

    CVE-2009-1714

    Cross-site scripting (XSS) vulnerability in Web Inspector in WebKit allows user-assisted remote attackers to inject arbitrary web script or HTML, and read local files, via vectors related to the improper escaping of HTML attributes.

    CVE-2009-1710

    WebKit allows remote attackers to spoof the browser's display of the host name, security indicators, and unspecified other UI elements via a custom cursor in conjunction with a modified CSS3 hotspot property.

    CVE-2009-1697

    CRLF injection vulnerability in WebKit allows remote attackers to inject HTTP headers and bypass the Same Origin Policy via a crafted HTML document, related to cross-site scripting (XSS) attacks that depend on communication with arbitrary web sites on the same server through use of XMLHttpRequest without a Host header.

    CVE-2009-1693

    WebKit allows remote attackers to read images from arbitrary web sites via a CANVAS element with an SVG image, related to a "cross-site image capture issue."

    CVE-2009-1694

    WebKit does not properly handle redirects, which allows remote attackers to read images from arbitrary web sites via vectors involving a CANVAS element and redirection, related to a "cross-site image capture issue."

    CVE-2009-1681

    WebKit does not prevent web sites from loading third-party content into a subframe, which allows remote attackers to bypass the Same Origin Policy and conduct "clickjacking" attacks via a crafted HTML document.

    CVE-2009-1692

    WebKit allows remote attackers to cause a denial of service (memory consumption or device reset) via a web page containing an HTMLSelectElement object with a large length attribute, related to the length property of a Select object.

    For the stable distribution (lenny), these problems has been fixed in version 1.0.1-4+lenny2.

    For the testing distribution (squeeze) and the unstable distribution (sid), these problems have been fixed in version 1.1.16-1.

    We recommend that you upgrade your webkit package.

    Upgrade instructions


    wget url will fetch the file for you dpkg -i file.deb will install the referenced file.

    If you are using the apt-get package manager, use the line for sources.list as given below:

    apt-get update will update the internal database apt-get upgrade will install corrected packages

    You may use an automated update by adding the resources from the footer to the proper configuration.

    Debian GNU/Linux 5.0 alias lenny


    Debian (stable)


    Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

    Source archives:

    http://security.debian.org/pool/updates/main/w/webkit/webkit_1.0.1.orig.tar.gz Size/MD5 checksum: 13418752 4de68a5773998bea14e8939aa341c466

    http://security.debian.org/pool/updates/main/w/webkit/webkit_1.0.1-4+lenny2.diff.gz Size/MD5 checksum: 35369 506c8f2fef73a9fc856264f11a3ad27e http://security.debian.org/pool/updates/main/w/webkit/webkit_1.0.1-4+lenny2.dsc Size/MD5 checksum: 1447 b5f01d6428f01d79bfe18338064452ab

    Architecture independent packages:

    http://security.debian.org/pool/updates/main/w/webkit/libwebkit-dev_1.0.1-4+lenny2_all.deb Size/MD5 checksum: 35164 df682bbcd13389c2f50002c2aaf7347b

    alpha architecture (DEC Alpha)

    http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_alpha.deb Size/MD5 checksum: 65193740 fc8b613c9c41ef0f0d3856e7ee3deeae

    http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_alpha.deb Size/MD5 checksum: 4254938 252b95b962bda11c000f9c0543673c1b

    amd64 architecture (AMD x86_64 (AMD64))

    http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_amd64.deb Size/MD5 checksum: 3502994 4a96cad1e302e7303d41d6f866215da4

    http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_amd64.deb Size/MD5 checksum: 62518476 d723a8c76b373026752b6f68e5fc4950

    arm architecture (ARM)

    http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_arm.deb Size/MD5 checksum: 2721324 1fac2f59ffa9e3d7b8697aae262f09e4

    http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_arm.deb Size/MD5 checksum: 61478724 260faea7d5ba766268faad888b3e61ff

    armel architecture (ARM EABI)

    http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_armel.deb Size/MD5 checksum: 2770654 5b88754e9804d9290537afdf6127643a

    http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_armel.deb Size/MD5 checksum: 59892062 99c8f13257a054f42686ab9c6329d490

    hppa architecture (HP PA RISC)

    http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_hppa.deb Size/MD5 checksum: 3869020 c61be734b6511788e8cc235a5d672eab

    http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_hppa.deb Size/MD5 checksum: 63935342 f1db2bd7b5c22e257c74100798017f30

    i386 architecture (Intel ia32)

    http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_i386.deb Size/MD5 checksum: 62161744 f89fc6ac6d1110cabe47dd9184c9a9ca

    http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_i386.deb Size/MD5 checksum: 3016584 b854f5294527adac80e9776efed37cd7

    ia64 architecture (Intel ia64)

    http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_ia64.deb Size/MD5 checksum: 5547624 2bd2100a345089282117317a9ab2e7d1

    http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_ia64.deb Size/MD5 checksum: 62685224 5eaff5d431cf4a85beeaa0b66c91958c

    mips architecture (MIPS (Big Endian))

    http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_mips.deb Size/MD5 checksum: 3109134 a680a8f105a19bf1b21a5034c14c4822

    http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_mips.deb Size/MD5 checksum: 64547832 dd440891a1861262bc92deb0a1ead013

    mipsel architecture (MIPS (Little Endian))

    http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_mipsel.deb Size/MD5 checksum: 2992848 952d643be475c35e253a8757075cd41b

    http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_mipsel.deb Size/MD5 checksum: 62135970 7cd635047e3f9bd000ff4547a47eaaec

    s390 architecture (IBM S/390)

    http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_s390.deb Size/MD5 checksum: 3456914 6fc856a50b3f899c36381ed8d51af44e

    http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_s390.deb Size/MD5 checksum: 64385860 98ded86952a2c6714ceba76a4a98c35b

    sparc architecture (Sun SPARC/UltraSPARC)

    http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_sparc.deb Size/MD5 checksum: 63621854 f0dd17453bc09fdc05c119faf2212d70

    http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_sparc.deb Size/MD5 checksum: 3499170 3f2084d6416459ce1416bd6f6f2845e3

    These files will probably be moved into the stable distribution on its next update.


    For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux)

    iEYEARECAAYFAksjbAYACgkQNxpp46476aqm7wCaAk6WARfBzzrdYYoxAUKA5weL V5YAmwRkz4XNwdcqnPzdeDzoakljqf1s =DBEQ -----END PGP SIGNATURE-----


    Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . Fell quite behind on this one, here it is.


      Phone &iPod Touch - Remote arbritary code execution
    

    Reference : [GSEC-TZO-45-2009] - iPhone remote arbritary code execution WWW : http://www.g-sec.lu/iphone-remote-code-exec.html CVE : CVE-2009-1698 BID : 35318 Credit : http://support.apple.com/kb/HT3639 Discovered by : Thierry Zoller

    Affected products : - iPhone OS 1.x through 2.2.1 - iPhone OS for iPod touch 1.x through 2.2.1

    I. Background \xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8 Wikipedia quote: "Apple Inc. (NASDAQ: AAPL) is an American multinational corporation which designs and manufactures consumer electronics and software products. The company's best-known hardware products include "

    II. Description \xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8 Calling the CSS attr() attribute with a large number leads to memory corruption, heap spraying allows execution of code.

    III. Impact \xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8 Arbitrary remote code execution can be achieved by creating a special website and entice the victim into visiting that site.

    IV. Proof of concept \xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8 None will be released

    VI. About \xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8\xa8 G-SEC ltd. is an independent security consultancy group, founded to address the growing need for allround (effective) security consultancy in Luxembourg.

    By providing extensive security auditing, rigid policy design, and implementation of cutting-edge defensive/offensive systems, G-SEC ensures robust, thorough, and uncompromising protection for organizations seeking enterprise wide data security.

    This update upgrades KDE in Mandriva Linux 2008.0 to version 3.5.10, which brings many bugfixes, overall improvements and many security fixes.

    kdegraphics contains security fixes for CVE-2009-3603,3604,3605,3606,3608,3609,0146,0147,0165,0166,0799,0800,1179,1180,1181,1182,1183

    kdelibs contains security fixes for CVE-2009-0689,1687,1690,1698,2702,1725,2537

    Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "3.0.1b"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "3.0.3b"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "3.0.3"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "3.0.4"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "3.0.2b"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "3.0.2"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "3.0.0"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "apple",
            "version": "3.0.0b"
          },
          {
            "_id": null,
            "model": "iphone os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.5"
          },
          {
            "_id": null,
            "model": "iphone os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "iphone os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.0.2"
          },
          {
            "_id": null,
            "model": "iphone os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "iphone os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "3.0.4b"
          },
          {
            "_id": null,
            "model": "iphone os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.4"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "2.0.4"
          },
          {
            "_id": null,
            "model": "iphone os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "2.0.0"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "3.1.1"
          },
          {
            "_id": null,
            "model": "iphone os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.1"
          },
          {
            "_id": null,
            "model": "iphone os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.0.1"
          },
          {
            "_id": null,
            "model": "iphone os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "2.1.1"
          },
          {
            "_id": null,
            "model": "iphone os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.2"
          },
          {
            "_id": null,
            "model": "iphone os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "iphone os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.0"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "3.1.0b"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "3.2.0"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "iphone os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.1.3"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "iphone os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "iphone os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "2.2.1"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "2.0.3"
          },
          {
            "_id": null,
            "model": "ipod touch",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "*"
          },
          {
            "_id": null,
            "model": "iphone os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "*"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "2.0.0"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "3.1.2"
          },
          {
            "_id": null,
            "model": "iphone os",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.0.0"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "3.2.1"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "3.1.0"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "apple",
            "version": "3.2.2"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": null,
            "trust": 0.7,
            "vendor": "apple",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-09-032"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200906-182"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-1698"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Thierry Zoller",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-09-032"
          },
          {
            "db": "PACKETSTORM",
            "id": "79546"
          }
        ],
        "trust": 0.8
      },
      "cve": "CVE-2009-1698",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2009-1698",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "VHN-39144",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2009-1698",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200906-182",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-39144",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-39144"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200906-182"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-1698"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.The specific flaw exists in the handling of attr() functions in a CSS content object. When a large numerical value is passed as the argument to the attr() function, a memory corruption will occur which can be leveraged to execute arbitrary coder under the context of the current user. Safari is the web browser bundled by default in the Apple family machine operating system. \n \n This update provides a solution to this vulnerability. (CVE-2009-1687). (CVE-2009-1690). (CVE-2009-0689). \n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2702\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1687\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1725\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1690\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1698\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2537\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0945\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2009.1:\n c08161eacba6cdb1b0ba26babe5f8cc5  2009.1/i586/kdelibs4-core-4.2.4-0.8mdv2009.1.i586.rpm\n 933468cf4109252dac5119edd958f73d  2009.1/i586/kdelibs4-devel-4.2.4-0.8mdv2009.1.i586.rpm\n 96703a0ef0baf299647ff27d64cb0680  2009.1/i586/libkde3support4-4.2.4-0.8mdv2009.1.i586.rpm\n e5f60ba41e5919fa77c313b204e1f712  2009.1/i586/libkdecore5-4.2.4-0.8mdv2009.1.i586.rpm\n cf8af6e467cd1585c44e1cce01362526  2009.1/i586/libkdefakes5-4.2.4-0.8mdv2009.1.i586.rpm\n 1c9c04b5f6c0c59d2e5860b077e0c6e3  2009.1/i586/libkdesu5-4.2.4-0.8mdv2009.1.i586.rpm\n 89fe7c33c7e5bcc23595560ae4664bf6  2009.1/i586/libkdeui5-4.2.4-0.8mdv2009.1.i586.rpm\n 30b73ef58ac3a45ff86756ad09d0d555  2009.1/i586/libkdnssd4-4.2.4-0.8mdv2009.1.i586.rpm\n a1f00af00ea7e52d9f187f1fe5ccdfe2  2009.1/i586/libkfile4-4.2.4-0.8mdv2009.1.i586.rpm\n 553486988b945307ee038cb41dcb76e6  2009.1/i586/libkhtml5-4.2.4-0.8mdv2009.1.i586.rpm\n 9d9501ff70e709c5ea32b35aa985688a  2009.1/i586/libkimproxy4-4.2.4-0.8mdv2009.1.i586.rpm\n a2ec3f440eb6cf545abbc63a3d34c1e5  2009.1/i586/libkio5-4.2.4-0.8mdv2009.1.i586.rpm\n 4168e955b60a5a69d8f1e085b30d0424  2009.1/i586/libkjs4-4.2.4-0.8mdv2009.1.i586.rpm\n bfcece9c73348c6415c48ec266877908  2009.1/i586/libkjsapi4-4.2.4-0.8mdv2009.1.i586.rpm\n 228ca7dc2a86fdc868a5937b16a7a08c  2009.1/i586/libkjsembed4-4.2.4-0.8mdv2009.1.i586.rpm\n f6297ae0630eb6207895df9f2f971eb6  2009.1/i586/libkmediaplayer4-4.2.4-0.8mdv2009.1.i586.rpm\n cf6113c17858d5e6e3c0e04622f8a66c  2009.1/i586/libknewstuff2_4-4.2.4-0.8mdv2009.1.i586.rpm\n da55a2f428ad020834f7b91c0023ecf6  2009.1/i586/libknotifyconfig4-4.2.4-0.8mdv2009.1.i586.rpm\n 9fef466138ff78a3d6d3244998a9ba30  2009.1/i586/libkntlm4-4.2.4-0.8mdv2009.1.i586.rpm\n 4f7c0ad254ec1990f5dab1c0b959629d  2009.1/i586/libkparts4-4.2.4-0.8mdv2009.1.i586.rpm\n 8c58d6a9a6ec7fc21f287b2f4c2e9858  2009.1/i586/libkpty4-4.2.4-0.8mdv2009.1.i586.rpm\n 8ed500d050b95560d7eff6db26fa05ee  2009.1/i586/libkrosscore4-4.2.4-0.8mdv2009.1.i586.rpm\n 2d8d12d8a7bbfe18f6b04b9807795077  2009.1/i586/libkrossui4-4.2.4-0.8mdv2009.1.i586.rpm\n 8cc5c226e381b122983440b3440c1476  2009.1/i586/libktexteditor4-4.2.4-0.8mdv2009.1.i586.rpm\n 3c53941130fb8cc6d12b8cdea488f536  2009.1/i586/libkunittest4-4.2.4-0.8mdv2009.1.i586.rpm\n 3996bfcff0b2465c39c6ccdb8367f401  2009.1/i586/libkutils4-4.2.4-0.8mdv2009.1.i586.rpm\n 129a26ab20c792994113b5db00b7f7c4  2009.1/i586/libnepomuk4-4.2.4-0.8mdv2009.1.i586.rpm\n 0b88090e1cba0db59a3fb85c34e6b726  2009.1/i586/libplasma3-4.2.4-0.8mdv2009.1.i586.rpm\n 79b484a6c8e20db156fbe130c81e2001  2009.1/i586/libsolid4-4.2.4-0.8mdv2009.1.i586.rpm\n ddd09e03af15f421b2e38b6f06c0247a  2009.1/i586/libthreadweaver4-4.2.4-0.8mdv2009.1.i586.rpm \n fe70dc01416cc986d1e19c15a0b5cfa7  2009.1/SRPMS/kdelibs4-4.2.4-0.8mdv2009.1.src.rpm\n\n Mandriva Linux 2009.1/X86_64:\n 89f77418ccda86b51c7d32d011e88e9b  2009.1/x86_64/kdelibs4-core-4.2.4-0.8mdv2009.1.x86_64.rpm\n d0b009e595350648b12cca1ee094802e  2009.1/x86_64/kdelibs4-devel-4.2.4-0.8mdv2009.1.x86_64.rpm\n 03db494c356e0b0823ddf697d42c0f50  2009.1/x86_64/lib64kde3support4-4.2.4-0.8mdv2009.1.x86_64.rpm\n 6d98531ba95a096fd49801f7df452776  2009.1/x86_64/lib64kdecore5-4.2.4-0.8mdv2009.1.x86_64.rpm\n bf3845f586eeeaafab5e25442f4d8950  2009.1/x86_64/lib64kdefakes5-4.2.4-0.8mdv2009.1.x86_64.rpm\n b9767fb69262886d60a7844ad6569e27  2009.1/x86_64/lib64kdesu5-4.2.4-0.8mdv2009.1.x86_64.rpm\n d709c9fb8874c432d1b4e415e9c06858  2009.1/x86_64/lib64kdeui5-4.2.4-0.8mdv2009.1.x86_64.rpm\n 6d062780a7629eed7e93ab9e66daf633  2009.1/x86_64/lib64kdnssd4-4.2.4-0.8mdv2009.1.x86_64.rpm\n f39c44bc7572d06921061c0ac5ef78c9  2009.1/x86_64/lib64kfile4-4.2.4-0.8mdv2009.1.x86_64.rpm\n 90f8ecd4967830ebff3b81732162fe33  2009.1/x86_64/lib64khtml5-4.2.4-0.8mdv2009.1.x86_64.rpm\n 005d7de69a0063a8dc396b9dffdf20ed  2009.1/x86_64/lib64kimproxy4-4.2.4-0.8mdv2009.1.x86_64.rpm\n 3924d83bf43990f7a7ba5d2eea29ef5d  2009.1/x86_64/lib64kio5-4.2.4-0.8mdv2009.1.x86_64.rpm\n 9124f0ce5f1643e4310ef0bfc5fda970  2009.1/x86_64/lib64kjs4-4.2.4-0.8mdv2009.1.x86_64.rpm\n 573504d0c305e757b3c163b9132264e4  2009.1/x86_64/lib64kjsapi4-4.2.4-0.8mdv2009.1.x86_64.rpm\n 917e5b175a3a5480e848dee6201e99d9  2009.1/x86_64/lib64kjsembed4-4.2.4-0.8mdv2009.1.x86_64.rpm\n 604cce29c11b2452b2744ff72e248b7c  2009.1/x86_64/lib64kmediaplayer4-4.2.4-0.8mdv2009.1.x86_64.rpm\n bd75d3e4feaa98a3659ae5d113fe45f6  2009.1/x86_64/lib64knewstuff2_4-4.2.4-0.8mdv2009.1.x86_64.rpm\n 0a7d48b91c673f5908ce2d47a77746e2  2009.1/x86_64/lib64knotifyconfig4-4.2.4-0.8mdv2009.1.x86_64.rpm\n a91967cfec8b470cc7520ac17590d41b  2009.1/x86_64/lib64kntlm4-4.2.4-0.8mdv2009.1.x86_64.rpm\n 0159bb033c507f20fb8bd77a7a8be43a  2009.1/x86_64/lib64kparts4-4.2.4-0.8mdv2009.1.x86_64.rpm\n a062d0124cdea9dfcafb82ed2c5dfd54  2009.1/x86_64/lib64kpty4-4.2.4-0.8mdv2009.1.x86_64.rpm\n 8c0950479a23531a03836f7744d6b90d  2009.1/x86_64/lib64krosscore4-4.2.4-0.8mdv2009.1.x86_64.rpm\n ca61efacf989bd4421d2c88abc440e3f  2009.1/x86_64/lib64krossui4-4.2.4-0.8mdv2009.1.x86_64.rpm\n bcd31e87995de0f86ad9c363e87ea0d4  2009.1/x86_64/lib64ktexteditor4-4.2.4-0.8mdv2009.1.x86_64.rpm\n 23a0f2c640a20dd1be2b4475a9102cd6  2009.1/x86_64/lib64kunittest4-4.2.4-0.8mdv2009.1.x86_64.rpm\n e49987a6d8016b6ac39011b6cac0b570  2009.1/x86_64/lib64kutils4-4.2.4-0.8mdv2009.1.x86_64.rpm\n 90d6806fa9dcd2ac1b71fc3b72dd4f81  2009.1/x86_64/lib64nepomuk4-4.2.4-0.8mdv2009.1.x86_64.rpm\n 4808080c578223d0bcb156e78f5d661f  2009.1/x86_64/lib64plasma3-4.2.4-0.8mdv2009.1.x86_64.rpm\n e8cecb137634dfc738617b67a6d34122  2009.1/x86_64/lib64solid4-4.2.4-0.8mdv2009.1.x86_64.rpm\n 35c8778eaaa5465a8f15c27a57d8ed60  2009.1/x86_64/lib64threadweaver4-4.2.4-0.8mdv2009.1.x86_64.rpm \n fe70dc01416cc986d1e19c15a0b5cfa7  2009.1/SRPMS/kdelibs4-4.2.4-0.8mdv2009.1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. ZDI-09-032: Apple WebKit attr() Invalid Attribute Memory Corruption\nVulnerability\nhttp://www.zerodayinitiative.com/advisories/ZDI-09-032\nJune 8, 2009\n\n-- CVE ID:\nCVE-2009-1698\n\n-- Affected Vendors:\nApple\n\n-- Affected Products:\nApple Safari\n\n-- TippingPoint(TM) IPS Customer Protection:\nTippingPoint IPS customers have been protected against this\nvulnerability by Digital Vaccine protection filter ID 8043. \n\n-- Vendor Response:\nApple has issued an update to correct this vulnerability. More\ndetails can be found at:\n\nhttp://support.apple.com/kb/HT3613\n\n-- Disclosure Timeline:\n2009-03-26 - Vulnerability reported to vendor\n2009-06-08 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n    * Thierry Zoller\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents\na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n    http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n    http://www.zerodayinitiative.com/advisories/disclosure_policy/\n. ===========================================================\nUbuntu Security Notice USN-857-1          November 10, 2009\nqt4-x11 vulnerabilities\nCVE-2009-0945, CVE-2009-1687, CVE-2009-1690, CVE-2009-1698,\nCVE-2009-1699, CVE-2009-1711, CVE-2009-1712, CVE-2009-1713,\nCVE-2009-1725\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 8.10\nUbuntu 9.04\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 8.10:\n  libqt4-webkit                   4.4.3-0ubuntu1.4\n\nUbuntu 9.04:\n  libqt4-webkit                   4.5.0-0ubuntu4.3\n\nAfter a standard system upgrade you need to restart your session to effect\nthe necessary changes. \n\nDetails follow:\n\nIt was discovered that QtWebKit did not properly handle certain SVGPathList\ndata structures. If a user were tricked into viewing a malicious website,\nan attacker could exploit this to execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2009-0945)\n\nSeveral flaws were discovered in the QtWebKit browser and JavaScript\nengines. (CVE-2009-1687,\nCVE-2009-1690, CVE-2009-1698, CVE-2009-1711, CVE-2009-1725)\n\nIt was discovered that QtWebKit did not properly handle certain XSL\nstylesheets. (CVE-2009-1699, CVE-2009-1713)\n\nIt was discovered that QtWebKit did not prevent the loading of local Java\napplets. If a user were tricked into viewing a malicious website, an\nattacker could exploit this to execute arbitrary code with the privileges\nof the user invoking the program. (CVE-2009-1712)\n\n\nUpdated packages for Ubuntu 8.10:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-x11_4.4.3-0ubuntu1.4.diff.gz\n      Size/MD5:   116770 f73a330179df7d453f50b286ea3a2c7a\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-x11_4.4.3-0ubuntu1.4.dsc\n      Size/MD5:     2506 711cb90dfd206bd6553dbe0fb8ecd1e2\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-x11_4.4.3.orig.tar.gz\n      Size/MD5: 112939803 376c003317c4417326ba2116370227d0\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-doc-html_4.4.3-0ubuntu1.4_all.deb\n      Size/MD5: 25758932 0b783fa95d4d41487e58d43823806355\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-doc_4.4.3-0ubuntu1.4_all.deb\n      Size/MD5: 52821772 7d1f3762baf09178176e99e41a502a2b\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-assistant_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:    19104 bdc4880e85e007e64d6c5fe8c7c1d81e\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-core_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:     7560 b65d2d20cdac05a7e8a04c7b51bc6417\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbg_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5: 87571534 73643e89deb481e7a42785d6c65b4594\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbus_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:   216798 85994fe5c3b286b137ec4f8f3ed9d55a\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-designer_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:  2046478 9f4f973c93c20f88838b3b0e48548c75\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dev_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:  5880176 87946243b9f91e6421a8275417bbecd5\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-gui_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:     7548 df209948939090506a2f3315aa8bb63a\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-help_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:   213524 556f130d7e1c1ec8f3c427888715807a\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-network_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:   432962 a8f5b6db939fd74616b7e666d32dbcbb\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:    42350 6281fc06f2395d8462c2fd30ea3f1883\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:   162238 3379fc614bd58cc9647b8c40782a45f3\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-qt3support_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:  1352676 528c9e209ba652d994292fbfb461cb60\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-script_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:   435712 af2919097110286db882cba8c40958e1\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:    34384 438d61efc4b1ec7af46ff7aaf15b9a8c\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:    47234 692ccc3fdd023fa61b1646b3a1073e29\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-psql_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:    39112 cf94d41a0a91e71d3e6a7905705020c8\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:    22452 4a020d5b8e2ff02532af056a6765af52\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:    26432 5492f45d25d4dfb271318f662db0e50c\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:   109136 0bde853eb0fef921984e5b9b24695a65\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-svg_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:   160746 b8a19545836d673dda2d1cad49901e5b\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-test_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:    38064 61ee9cd2c51286c698ba738fbd8e4d13\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5: 53511494 25179f43545ee4f15fa70ff1c4211c66\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:  3427782 f3c50589e42291ac643390b3b5056ad3\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xml_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:   114482 7858ea28ed0ae9e48ebe2d5ebca219ab\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5: 13447008 3b146e17a13acfa50bfa6759232821e1\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:   805718 d14b956e7b2c494ef5e359dff2bdb8fd\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtcore4_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:  2094928 fad1c4be4f9242977cbb6c191ec19f09\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtgui4_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:  4249322 cefb0f909b1913edd97aae55a4ef09c0\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-demos_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5: 10502594 4af5ca52a2316f9290d0a99bd1683127\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-designer_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:   386118 35fd3567e5eaf2ecaefab37fe3f21701\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-dev-tools_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:  1507998 8254b4ed13728d957ebf41f74d391c6b\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-qtconfig_4.4.3-0ubuntu1.4_amd64.deb\n      Size/MD5:   110220 8e379f1af97edacc7f40037fa342af7b\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-assistant_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:    19202 2303fd6083a47fe5b85ee1e46ff1ff7c\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-core_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:     7556 30aabb9f249114d86f823795f7e621ff\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbg_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5: 86379828 eb07fdc2dcecb0f26707148362bb70ce\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbus_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:   216268 96e19c8dc017357682acac62896c5b40\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-designer_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:  2072946 2fc1d9101e2132e43161e2fb600f886a\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dev_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:  5705332 24d5a30fd21ecae4ca3d5bf570b8347d\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-gui_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:     7548 527eb6b3bc6fc6fa3d7a4d26c967c919\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-help_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:   212706 7bb944917c1fb9be6ce6b1cd056afca1\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-network_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:   437368 f086dacfa27998d93fd8f093b0bacce3\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:    42348 a2427fa3317fe01341ebe66ee3388c47\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:   161130 2c4ebc05d22e3299359b9c64bcb8c3fd\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-qt3support_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:  1366348 68fef30b16caa835cd6330eec7c5c346\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-script_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:   420458 ac91fb37161830ba3e0fd4b884639afd\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:    33724 868ace8cd8b514b367db48a95217035e\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:    47056 c918217593ebc473fc3d050285bec49d\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-psql_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:    38336 650d40a12071e2a04316edc5860788d1\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:    22002 9087daddd7762b1df7a4b9df34166521\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:    25898 06bcb1cfcb2df47e758bb89946f9aac6\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:   108838 3f80ec6192ebdfd8807450a8aeac928a\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-svg_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:   158310 24cf265a2f29818beb73709197bef2c3\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-test_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:    37122 b536ef0ebc0dcfa6167cd4285e2ec19d\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5: 53126238 bc4c62409883fd6034f07baf1a765853\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:  3241850 27d0122caabe919c984b0ff1f59334f9\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xml_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:   112012 130f929f42286ce4927feb7f3dbd8d18\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5: 13302092 2deee7794c76d799c789a56c38147d8a\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:   758112 980c7e2f807f29c95ef51feee1bd6f87\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtcore4_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:  2086300 e1d521ac4ef50e82235b61b0b0309c2a\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtgui4_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:  4285842 f79cbd461f5986a686e35b77e8838c7c\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-demos_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5: 10346058 cd6b5dd99cc2496e60f65303a4d861e7\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-designer_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:   377632 0adfcc3c280368f734658d611c7f0c69\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-dev-tools_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:  1487606 2f2e1e5f10fb8a9bbd94c647ae355135\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-qtconfig_4.4.3-0ubuntu1.4_i386.deb\n      Size/MD5:   109322 661b18bee424dcc2a108e960dbe51188\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-assistant_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:    19118 975962361f82c04fe938397d732d5679\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-core_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:     7556 5e9705e3675d4882a9040da75d934db7\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbg_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5: 86616234 5f8f6362ef3e45674f8c1480933f4714\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbus_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:   218292 d89f63624713a3e9f34a7622fd754830\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-designer_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:  2075540 088236f1cb51516af7efb07eb9e859a5\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:  5791558 693f36209c7728b4da4b3e2a310a2730\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-gui_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:     7546 765882dd4710771b9f01801c34173f17\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-help_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:   215380 3000fb6b96014944c85f69d9be1e9314\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-network_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:   439662 ca410c727f89f68f88ed7c32f08c7496\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:    42346 d8670500e205ba66ca588d2020eb6e9b\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:   163154 044e27e36b057295b8312b3326bb6d70\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-qt3support_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:  1369342 9945efb11009af3f7f875f4aa70c7fd1\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-script_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:   429370 47ffb00ebb1918ae6b638872a76412b4\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:    34006 b11c44e3a7e1d5ba2277e981de8928d5\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:    47638 803c079d0a531b0a84043fc1f7c87d58\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-psql_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:    38608 054c5fa2ddbd80efd168dc072e951e0e\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:    21992 ca7ada6adc17a99b713920b6452b2f87\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:    25962 547542c994e3777e900287da869be0e7\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:   108930 48566fe567ab5e3ae14185608cc5bd3a\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-svg_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:   159630 48eb3c78b4c28d745ef6862e9f5cac17\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-test_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:    37444 695be042708d936061c289d78c86cd77\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5: 53250108 4e06206559a3470bad0730e8aec7e615\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:  3227648 acbd67fa1648ca9ad1e10f021e66f8d2\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xml_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:   110938 bae7d2f0c2c13b33123357102f19cba7\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5: 13316918 c5c409330384ba74489646dabbe9e1a8\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:   749270 375901cd31337ffcce0677bef73b8e2b\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtcore4_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:  2086296 46b733dc7e08126af4b343287396b051\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtgui4_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:  4299788 efc7837ecb1aff0917414f020f4f7710\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5: 10380362 ee64ccc2462a1767363119ab130f86fb\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-designer_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:   382986 c5c48c0dc497b68bd661eea92b5678b8\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:  1501518 06d78b9cb426e70bc1823f755b47cb16\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qtconfig_4.4.3-0ubuntu1.4_lpia.deb\n      Size/MD5:   111312 2d5f5829685d661dc3b7408c99233f57\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-assistant_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:    21316 45b1ea5b5050b2c0c876872af540089a\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-core_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:     7562 4dea3a46b67dca117f5c8924389b90ef\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbg_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5: 90621650 d41925c8e7b667daed298626937652ab\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbus_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:   226524 48a6eaf02c23089cdf5271b81386ac8c\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-designer_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:  2127276 685f37c1fdc371cfac83711b1dcbe425\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:  5876318 f9777dc66d06e8a241a1a08171eca1ce\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-gui_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:     7546 446de6e1e94e17f515641bd91bc34e0f\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-help_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:   221776 ed54fe99be13d94c994a8dc27a16d0e5\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-network_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:   459056 586952d7ae2b7729d95db536f40b87b1\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:    42336 2d51e9ef35064b75b94ff171ca51cbd0\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:   173132 a8dce02d86a0341b4e73830baa2ff6ae\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-qt3support_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:  1435512 9fe6abc1dbc92dba076b088154406ae2\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-script_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:   438202 72b3f451ee05252b81ff73fa22071b71\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:    36940 2ff0cfbae3265612c7bfe005333dee20\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:    49810 f6ba70b43ec1b6e504b047dad346eb25\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-psql_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:    41498 9d558baba4e4fbae203a9f72c1c8c150\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:    24746 af57d713a5d1e216e350dc70ff7e76e0\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:    28826 709982084d93ca6f9eca9e8554cac7ee\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:   117160 56cb8f90e619174bde6f8da70d7deb21\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-svg_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:   172392 9598ce1608394ee2888309a6d2c4c943\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-test_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:    41680 5cd082858ca6bf4ed2c67556508ff8d5\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5: 55519220 92115cc894051fa7bdb29eb6a2f8f088\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:  3486770 24e725bf0c47a1108692f4bdd46d23fd\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xml_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:   121160 944ca0755f1b8057c286f6d3c2e1f8ec\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5: 14047876 e1523a10c866ca8dc124947a25aeb34c\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:   835254 d7dda3b37da92ca6cba70f941964a371\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtcore4_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:  2188324 66bd658c0d8f80205ce8aa741a5c25d6\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtgui4_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:  4537294 211ff93e7c8e41ee2881baec57f87b32\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5: 10999204 84090af5c87a89d7d696d00baaf87493\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-designer_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:   391756 7ebc072d2a2750262bb6cb1587c5505d\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:  1530908 3fe67007771638ba35c2935a3432d1e6\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qtconfig_4.4.3-0ubuntu1.4_powerpc.deb\n      Size/MD5:   111696 1a4f101db96d252c9a93b23f9c20f1fe\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-assistant_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:    19006 53bc0f17fdc2e7e10938a259b30710c3\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-core_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:     7560 3b86547b62162ec391f7945b0a71bbea\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbg_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5: 86584472 1490ec1af2900f0515fadf3d10b1c8b1\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbus_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:   214836 b52c445f198c5d4c2fef5d0110862ed3\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-designer_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:  2082186 a59e474cf1aea5faa97d3c2f38b79768\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:  5813064 0b29c127800c828ad782ea08f9869b95\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-gui_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:     7548 9784e2fd6bad6b99dec68f28bf95c013\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-help_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:   221416 98421a8a2735b28ec69a79dcb12bc36a\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-network_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:   434660 08d518f50779ab7696a49d5789983d08\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:    42328 c483fc06c701a311895a8f912594d0ce\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:   162370 6a1a2f6940287071f83b69dd0a2074ff\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-qt3support_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:  1351514 4971ee99b0763cdb1b95a350ca97b725\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-script_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:   427020 65ee12f6a206cad658d7b4b51cac1c36\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:    33654 125d67bc7a3343e16141209ae295f51b\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:    46336 97bf93bcf238fb612b6db5254e72bf4e\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-psql_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:    38482 3e45668f681c73fe5b2f487e76af92bd\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:    21700 6ee8cccd7f120782d7ae07d799adea37\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:    25726 14c6e1834745ecf8c24d215bacc7273b\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:   109626 46c957419dcf1328dc6e625f5044e087\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-svg_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:   157736 a15b042b86fd9af64e5818867a7bc971\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-test_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:    36972 2e4f695e58caf79d93f7f929a3f5154a\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5: 54818118 ca0d50eb86ac4c4ed69bbfaac082b78d\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:  3678126 639241e858bdf4bb280b8c9e24b945e8\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xml_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:   114956 a7d5d4e9c6eb7a28d607a40b72563279\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5: 13545692 049544460c82e22450aee8e5d9db6110\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:  1029752 3fefe6c4a287a6a59acf2494882e8757\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtcore4_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:  2101436 2589e4a81b28459d1e1b9002b5402674\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtgui4_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:  4283628 d2ed704202357f329e22cf5995f62651\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5: 10561886 6cb80130934f4dc83f3449c788251372\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-designer_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:   393816 50f8e31568a792c275dfb5dbbb75d2ab\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:  1542060 e2e1180c629e4d08a56c506b482e2ca3\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qtconfig_4.4.3-0ubuntu1.4_sparc.deb\n      Size/MD5:   113046 ca0bdbedc0b649fc9745a9c356c2f6e3\n\nUpdated packages for Ubuntu 9.04:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-x11_4.5.0-0ubuntu4.3.diff.gz\n      Size/MD5:   113724 cf59da7b0c09550ff78b6164e87ee131\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-x11_4.5.0-0ubuntu4.3.dsc\n      Size/MD5:     2606 d75ba3f2a8b7a0fc5f17a6d013fd3466\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-x11_4.5.0.orig.tar.gz\n      Size/MD5: 125349021 ffbb1aaea2d538df7ec7694cd68750df\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-doc-html_4.5.0-0ubuntu4.3_all.deb\n      Size/MD5: 24035224 db61f130680cbfecaee7b2076d9b5b4b\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-doc_4.5.0-0ubuntu4.3_all.deb\n      Size/MD5: 51777244 2c5967ae92de35d935f22bb8cefdb7fb\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-assistant_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:    11622 737452fbf1eb644732601da4afe86d56\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-core_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:     2310 4ab7edba7c683c4cd436ca6f6e43cc07\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbg_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5: 49977848 5a39a981a5a46f5b9833856aa8bd75ab\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbus_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:   175462 33f715129fcbb8fe17cbf233afdd2735\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-designer_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:  1798666 b0abe77a5b60e101b8a4f796cee35b9d\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dev-dbg_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:  6442006 3ec2ed8e896375977496d8aaba00fc0f\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dev_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:  2442216 55bcb4ba4d60f160adee52790f282bf5\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-gui_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:     2300 b0ee4bbf483c8037799882f47a9ec95b\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-help_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:   169046 f5cec0a5df796752c97289a7599a547f\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-network_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:   379932 4a675e3de3c9ffeda60720b389dded9b\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl-dev_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:    31006 6e065ba12e303945dfd4969c7b0e6108\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:   150338 1389003b28ca5f92e5bb8c9577a36fbb\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-qt3support_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:  1033060 00e3845cefc2c24d676c64215cd3c1a4\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-script_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:   349792 3a0b31c3ad9667c03ecd37efc863e27c\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-scripttools_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:   216816 66d2b7a90f14393d259bf12068f44a0a\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-mysql_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:    24020 787039fb8afe166961e56b21020c45c4\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-odbc_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:    38326 8363daf729bf199a14566ed0054cb110\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-psql_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:    27504 cb2ea2f84ea939edcf662024a81187bf\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:    14198 087d5a3f0143d20d87b346e1ef04b2e6\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:    17152 4ec3302c7e7b40f41f276883eb1f9cf1\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:    85832 94f0d14fcfc19c8dfd1a36a29a2d5825\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-svg_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:   129138 a32e5231e108b2f1c869b3631fc98dfe\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-test_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:    41274 4450aea1e1c1078de1d6d43a77d80ef4\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5: 58479264 76487ff20906b41662cacb4cd8c4eedc\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:  3635668 5d869921403fc9d4e1994b81b92ef122\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xml_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:    87132 e9da8588cdb3f8995cb440d172f39a56\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:  5521678 207d3c7382e7f7dab949b4761c819b67\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:   653750 302a9fd3b69b1d41b8e65cd00a4a38b7\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtcore4_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:  1490876 a5d562105e8c1d6f14e6c9e38f2f7c1f\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtgui4_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:  3589934 59404b3094771d8d30fa4085456661b4\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-demos-dbg_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5: 24216220 10b8cd267a0d68a7a2a08327e1db059a\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-demos_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:  5480184 36ccc9b88e638cf13f3cfce9610d778b\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-designer_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:   247710 0021d694f10622ef0faac30d8f05ed6a\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-dev-tools-dbg_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:  6913490 044d9347469b06b3b5c9a52708fb22d6\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-dev-tools_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:  1826192 35ab7279b9e9fe1e93d8c754e0a53f73\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-qmake_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:  1301118 10986e4c5ec819a976b7e49161939a16\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-qtconfig_4.5.0-0ubuntu4.3_amd64.deb\n      Size/MD5:    81282 14ffbbbb5b74a10ff0337d6a08fac291\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-assistant_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:    11598 8db87ef71449e31c1ab389e26e305793\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-core_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:     2314 ed908ab64c8ddc432935230e227df32c\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbg_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5: 48872540 78c072e9fc494fedd3e56ba2e6c5b14f\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbus_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:   175422 3d97854e70da9c80dd6187a43c273da2\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-designer_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:  1821098 5c0b22bf30f5c0ad3e8e9c35fa29241d\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dev-dbg_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:  6222664 8dc2d38b512ae20cf6c0e48f35446e55\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dev_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:  2426558 bd753136ff81b7879b6d26bd5e6ccbeb\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-gui_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:     2302 96334f4e93762dd1a28ce34f6b6855dd\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-help_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:   170522 4f124c0feff569d3a7aaf7a537fa5ede\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-network_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:   386636 39614ce0a48380ec9c9b82b52d46fc48\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl-dev_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:    31006 b8e6ffba684bb6aecfe7cf547d069591\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:   150268 fd9fc1d937cc2186a241085727f69e45\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-qt3support_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:  1047674 917768ee99ad30e46d8ea162ba2a55a0\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-script_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:   345124 783e3146d1d15e7e4b56177c2551dc8c\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-scripttools_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:   219532 dd4402ef905fe36edc219977b8b56522\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-mysql_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:    23490 e3ae808d9546d39b318f2032a3efb2ed\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-odbc_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:    38370 c3912b46f9819db92995814578905aaa\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-psql_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:    26944 6942237ccbe925f91da83a58d80257dc\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:    13910 24fd6fdd62a853df103ccc5eb23f3ae9\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:    16950 224500aeec4ee6c0bda83f1979f556b7\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:    85482 35f8861a0f387877d757af2a4bcb74fb\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-svg_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:   127134 74b396cfbdfd52fc01a5b44feafddf40\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-test_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:    40384 850f651e7b3692dd8f0359e1f6fa9912\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5: 59567434 bbf0c15e2947f809171025aecd169bf2\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:  3642492 ccd71c16c7d07bd4883700a95a7e310d\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xml_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:    85662 fc005d23610c7815031ccf67e44d57c2\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:  5446004 9ceeb69be14e99aa371c34c48e0dd8e1\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:   631616 58a2c5664efbc4969e273be8d3e51cb2\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtcore4_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:  1495212 280e8771adeb6e48a31c1c00c65d097d\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtgui4_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:  3638476 617f09457809107814b139fdaa11b2cd\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-demos-dbg_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5: 23695874 19d12080a314954ef6184589c6e6ef64\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-demos_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:  5411704 8ffd319dca0814ec7bf90e392c79d75c\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-designer_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:   242498 cf300d706f60b14c9bdb26d38dfca4fc\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-dev-tools-dbg_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:  6733760 802cb485899ba1684255b4189383e2a2\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-dev-tools_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:  1801834 c95b326cd5047777a9b62cf96b842dfc\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-qmake_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:  1275490 744e112dc6d57749d4e7c66043162d48\n    http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-qtconfig_4.5.0-0ubuntu4.3_i386.deb\n      Size/MD5:    80198 e4025eafa9ef6f848712cbb5d305da0b\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-assistant_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:    11586 35392a8aec66b9f6a80a3f37989a3e84\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-core_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:     2310 bba9237a24419b96e34626f301cb53a1\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbg_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5: 49102028 35a51944c0b80faa25212c2e5d42af3a\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbus_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:   179254 4dad09ed33bbf71e210fe99628eb8e5d\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-designer_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:  1845654 a3ccab02027a27ab368b4d76961f44d8\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev-dbg_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:  6301482 e970557325b93c7d3c82fc04e051ad5c\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:  2460502 bd49c126c36b95c63b6356728557cdbb\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-gui_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:     2300 24c70a2289d01c6f1a675f18bd83fb0d\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-help_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:   174932 e0b29a559a038c9e52d450d3063ae1c3\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-network_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:   392598 cd76e9d7fbb3946eed667e73ff44350d\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl-dev_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:    31002 85d63a39a01b18e425b60aa7f70fce23\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:   154532 5d40f8b45c5cc367eb56e35680b3f81d\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-qt3support_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:  1063636 29e972e6c664c9d7f49f6ecb57b7249e\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-script_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:   349202 6e483f50400f9bb3322d12d4cd2088a8\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-scripttools_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:   221612 f5cf566f6fae3460c4ffe038a2ca45eb\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-mysql_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:    23800 a5e1ba153e219d5de887ab2f4c331724\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-odbc_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:    39248 e2a9bf4f5860c536b5f6bb2dd36080ff\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-psql_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:    27270 6757ef004282dbcb41911519832e665c\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:    13914 60e0b2ff89e2fcb170a9bad22fa5a426\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:    17028 dc8248f423afcf49684aff36461b1928\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:    86128 0013e3a3d503cd8930215ced2bb7e781\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-svg_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:   129896 502e1b866f8b4c93557ccfe37cf84ffd\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-test_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:    40860 42258f710eafde8ba98cf0d70ed62bbe\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5: 59829124 f5e6ca21fab5632def632f1980d72968\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:  3663718 3c60d09c9701b8583ee9b3ea63df1e09\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xml_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:    85456 f4cd1db01939e7bea4cf1a14350318d0\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:  5462674 73f928cbc1e2ab2a8b0cb35750e33363\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:   635968 2ba32c9934c37fb858ef293861296660\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtcore4_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:  1503558 71a10407ee8e2b0d8faca71803516543\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtgui4_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:  3703968 70254633149e0177b8f40306e1c40119\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos-dbg_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5: 23831210 a47cc662c799d56d39a098a55c7ff860\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:  5460356 d0f2731a66583fca365275b4bf15bd43\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-designer_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:   247224 45221df9fac6b935e70f3d49f1641ec3\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools-dbg_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:  6766074 699d8557725cbc1d98b3facf908aa1af\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:  1843474 1c07f5258466db532f77d046fc0464b4\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qmake_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:  1316972 524683da13e66e47fa34a6ddb7067473\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qtconfig_4.5.0-0ubuntu4.3_lpia.deb\n      Size/MD5:    82774 b3f8e382739f03da9cb94626a2f5211f\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-assistant_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:    12608 f70d7f88f98c710f00b8dec826a14945\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-core_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:     2312 fc55af80a812eb5ffbf75ec3a7ee62aa\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbg_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5: 48136850 2863a8886de595c43068283ff45beb90\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbus_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:   163234 3d9febce56214962ba436358228df2d4\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-designer_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:  1623414 d8dcdedae518133907c850aa8230bf56\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev-dbg_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:  6172098 8d8f8518ff54c90933966fe61729c7dd\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:  2264658 67bb52a5f6d6b60300adfb85423c76ac\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-gui_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:     2304 30e86f2760dac7fd3f47c476447bd941\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-help_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:   157492 6739e773252eb1cd70806bdb96665439\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-network_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:   360428 215dd6ef03babb6a638c45781bb26af2\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl-dev_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:    30994 4b457917bdeb91ba6cfcc02d9e0f1e77\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:   148258 ebf113910c60bf1e199cd0e76f8b3115\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-qt3support_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:   957976 4d49fb9926a4219667b31b76fb75f58e\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-script_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:   313972 4def22b0b2bf687f3d2f6a2f669230d5\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-scripttools_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:   203240 d56786ea920eb436f4ccbef49260eb4a\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-mysql_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:    24312 b935bc753bd5ffdc7c97e542e55e0e6d\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-odbc_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:    36972 a4079076c4edf8f0f2cd22be7866f2f6\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-psql_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:    27426 b36d025e2cf5335c15f6ee7d2314cf9e\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:    15134 3be81591afc0f3e5614d582a982e17e7\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:    18100 dffa427f519211a592132e1d2a5a48e7\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:    83246 0c963279944d17e32d467758e84728ec\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-svg_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:   124342 f21e4e8d73ec525468ac0265c1c6ed3e\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-test_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:    40800 721a48d0c19c7036ec6f7f3e8a1796e4\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5: 56672370 a1b88f4ee8294b49ebaab9ddd5fcf2df\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:  3283702 f46252f44921409a43fa89af3a5b7e6f\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xml_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:    83654 02ea31ab550db40086f5419daeb8bc24\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:  5444754 86c71dabb153ac371a3a878a5bfa017f\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:   582304 4ef1ec5872ab6fb0cfc33aef011dd051\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtcore4_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:  1431880 fd055110524b4102c88431c9a094b6d5\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtgui4_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:  3356692 414febb0dcdc2224bbc4d322bf071471\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos-dbg_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5: 23665304 69d7736174682533b91910e9e9c4e221\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:  5394298 4f88263c866b42b011ac6f70b999aa63\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-designer_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:   234970 a30574534ddc200af008c4aef6f830c9\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools-dbg_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:  6719304 be9f1a32584792b598c76560e7d4a75b\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:  1681322 40d865a463a5d25a076bf6f55af65b90\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qmake_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:  1135018 91e9ded3076f1f141d29895358b062fa\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qtconfig_4.5.0-0ubuntu4.3_powerpc.deb\n      Size/MD5:    76466 1c75a4de6f3f7a61c41dc97c1ed3bc56\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-assistant_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:    10942 a7a4483b64af47318cdabbde9976a65b\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-core_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:     2308 b0258f54da89aeda6b40cd6798e6f3ec\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbg_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5: 45231402 d00aea2071e583a895b6a89ff0234e12\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbus_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:   151694 be8ca9b3ee9a1d47a98867c0aba4160e\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-designer_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:  1577576 93f34052ac88e45426f7e45a9c12d206\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev-dbg_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:  5656966 83e7d65e9aa03882c9a0e20605230a69\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:  2225980 eac4944686a27b18f3d0e3a0dbfacc17\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-gui_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:     2302 c318da351836628e9c671eae39dafa9a\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-help_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:   151930 3adca0e45ff6ad23b8258a6717e645cb\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-network_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:   339444 4bf57591f2c0cc91b69ec0dd1ad0fd30\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl-dev_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:    30998 80ecbcd1452055000371a473d8d5fcf5\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:   132308 d31962f23a576d6ed29b81d92107d353\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-qt3support_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:   895788 305fff66ad3943d35384fcb245391228\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-script_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:   287534 0b5d15fd5302e8430dedad0a002a2503\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-scripttools_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:   195514 8073d183a54598751563df5efe14f135\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-mysql_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:    21426 a8e378abcf5f61aa9085346481b2c7e0\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-odbc_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:    31290 d18c888585cfc914c046777d61de2189\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-psql_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:    24464 1a69a86a46673d987ccd6d85f578ee0e\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:    12748 5538aadc52d0481f0512e2d87289dc15\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:    15496 27b6dde8f85dda5c9bdaa7c165b639b4\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:    75964 31c5dbb4d87a23faa146d7224df6fa02\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-svg_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:   109566 79711b8ffb0fb8ea2afa7582375449d4\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-test_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:    36522 c2f8d5c388c435d666a7339ecf4829df\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5: 56966338 c120bb1bb4e2edde9bd6349db63bc76a\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:  3409284 28669d24488ef04d5bca9220839f7767\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xml_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:    76352 70dd584dc3c8c9964b427ce0ed3fe5a6\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:  5165042 73f9ba9346195ffacf82f84d1ba44c03\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:   660376 90e3f41308b8bb4188314c4ec57069a0\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtcore4_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:  1352448 0661edc6b955441c5feeb681fe740831\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtgui4_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:  3175982 7a704629253865d41165a33e60a57763\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos-dbg_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5: 22594146 b071a350741d3c8ee3094c887839108e\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:  5333208 d0538ce1add58ae9eb2709a28aace8bd\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-designer_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:   233350 bc5b53dfcba69468f73eabd6988a3a62\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools-dbg_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:  6177274 233d55a34a9c290561f714970196859a\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:  1678528 27d97ffe2e9c93cf2412004d03a793fe\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qmake_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:  1093456 20100354350ea3a0150400a593fbb401\n    http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qtconfig_4.5.0-0ubuntu4.3_sparc.deb\n      Size/MD5:    76636 6aa6be976ebfa14c11ef8ae811cfb711\n\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1950                  security@debian.org\nhttp://www.debian.org/security/                      Giuseppe Iuculano\nDecember 12, 2009                   http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage        : webkit\nVulnerability  : several\nProblem type   : remote (local)\nDebian-specific: no\nCVE Id         : CVE-2009-0945 CVE-2009-1687 CVE-2009-1690 CVE-2009-1698\n                 CVE-2009-1711 CVE-2009-1712 CVE-2009-1725 CVE-2009-1714\n                 CVE-2009-1710 CVE-2009-1697 CVE-2009-1695 CVE-2009-1693\n                 CVE-2009-1694 CVE-2009-1681 CVE-2009-1684 CVE-2009-1692\nDebian Bug     : 532724 532725 534946 535793 538346\n\n\nSeveral vulnerabilities have been discovered in webkit, a Web content engine\nlibrary for Gtk+. The Common Vulnerabilities and Exposures project identifies\nthe following problems:\n\nCVE-2009-0945\n\nArray index error in the insertItemBefore method in WebKit, allows remote\nattackers to execute arbitrary code via a document with a SVGPathList data\nstructure containing a negative index in the SVGTransformList, SVGStringList,\nSVGNumberList, SVGPathSegList, SVGPointList, or SVGLengthList SVGList object,\nwhich triggers memory corruption. \n\n\nCVE-2009-1714\n\nCross-site scripting (XSS) vulnerability in Web Inspector in WebKit allows\nuser-assisted remote attackers to inject arbitrary web script or HTML, and read\nlocal files, via vectors related to the improper escaping of HTML attributes. \n\n\nCVE-2009-1710\n\nWebKit allows remote attackers to spoof the browser\u0027s display of the host name,\nsecurity indicators, and unspecified other UI elements via a custom cursor in\nconjunction with a modified CSS3 hotspot property. \n\n\nCVE-2009-1697\n\nCRLF injection vulnerability in WebKit allows remote attackers to inject HTTP\nheaders and bypass the Same Origin Policy via a crafted HTML document, related\nto cross-site scripting (XSS) attacks that depend on communication with\narbitrary web sites on the same server through use of XMLHttpRequest without a\nHost header. \n\n\nCVE-2009-1693\n\nWebKit allows remote attackers to read images from arbitrary web sites via a\nCANVAS element with an SVG image, related to a \"cross-site image capture issue.\"\n\n\nCVE-2009-1694\n\nWebKit does not properly handle redirects, which allows remote attackers to read\nimages from arbitrary web sites via vectors involving a CANVAS element and\nredirection, related to a \"cross-site image capture issue.\"\n\n\nCVE-2009-1681\n\nWebKit does not prevent web sites from loading third-party content into a\nsubframe, which allows remote attackers to bypass the Same Origin Policy and\nconduct \"clickjacking\" attacks via a crafted HTML document. \n\n\nCVE-2009-1692\n\nWebKit allows remote attackers to cause a denial of service (memory consumption\nor device reset) via a web page containing an HTMLSelectElement object with a\nlarge length attribute, related to the length property of a Select object. \n\n\n\nFor the stable distribution (lenny), these problems has been fixed in\nversion 1.0.1-4+lenny2. \n\nFor the testing distribution (squeeze) and the unstable distribution\n(sid), these problems have been fixed in version 1.1.16-1. \n\n\nWe recommend that you upgrade your webkit package. \n\nUpgrade instructions\n- --------------------\n\nwget url\n        will fetch the file for you\ndpkg -i file.deb\n        will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n        will update the internal database\napt-get upgrade\n        will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64,\nmips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n  http://security.debian.org/pool/updates/main/w/webkit/webkit_1.0.1.orig.tar.gz\n    Size/MD5 checksum: 13418752 4de68a5773998bea14e8939aa341c466\n\nhttp://security.debian.org/pool/updates/main/w/webkit/webkit_1.0.1-4+lenny2.diff.gz\n    Size/MD5 checksum:    35369 506c8f2fef73a9fc856264f11a3ad27e\n  http://security.debian.org/pool/updates/main/w/webkit/webkit_1.0.1-4+lenny2.dsc\n    Size/MD5 checksum:     1447 b5f01d6428f01d79bfe18338064452ab\n\nArchitecture independent packages:\n\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-dev_1.0.1-4+lenny2_all.deb\n    Size/MD5 checksum:    35164 df682bbcd13389c2f50002c2aaf7347b\n\nalpha architecture (DEC Alpha)\n\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_alpha.deb\n    Size/MD5 checksum: 65193740 fc8b613c9c41ef0f0d3856e7ee3deeae\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_alpha.deb\n    Size/MD5 checksum:  4254938 252b95b962bda11c000f9c0543673c1b\n\namd64 architecture (AMD x86_64 (AMD64))\n\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_amd64.deb\n    Size/MD5 checksum:  3502994 4a96cad1e302e7303d41d6f866215da4\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_amd64.deb\n    Size/MD5 checksum: 62518476 d723a8c76b373026752b6f68e5fc4950\n\narm architecture (ARM)\n\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_arm.deb\n    Size/MD5 checksum:  2721324 1fac2f59ffa9e3d7b8697aae262f09e4\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_arm.deb\n    Size/MD5 checksum: 61478724 260faea7d5ba766268faad888b3e61ff\n\narmel architecture (ARM EABI)\n\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_armel.deb\n    Size/MD5 checksum:  2770654 5b88754e9804d9290537afdf6127643a\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_armel.deb\n    Size/MD5 checksum: 59892062 99c8f13257a054f42686ab9c6329d490\n\nhppa architecture (HP PA RISC)\n\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_hppa.deb\n    Size/MD5 checksum:  3869020 c61be734b6511788e8cc235a5d672eab\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_hppa.deb\n    Size/MD5 checksum: 63935342 f1db2bd7b5c22e257c74100798017f30\n\ni386 architecture (Intel ia32)\n\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_i386.deb\n    Size/MD5 checksum: 62161744 f89fc6ac6d1110cabe47dd9184c9a9ca\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_i386.deb\n    Size/MD5 checksum:  3016584 b854f5294527adac80e9776efed37cd7\n\nia64 architecture (Intel ia64)\n\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_ia64.deb\n    Size/MD5 checksum:  5547624 2bd2100a345089282117317a9ab2e7d1\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_ia64.deb\n    Size/MD5 checksum: 62685224 5eaff5d431cf4a85beeaa0b66c91958c\n\nmips architecture (MIPS (Big Endian))\n\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_mips.deb\n    Size/MD5 checksum:  3109134 a680a8f105a19bf1b21a5034c14c4822\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_mips.deb\n    Size/MD5 checksum: 64547832 dd440891a1861262bc92deb0a1ead013\n\nmipsel architecture (MIPS (Little Endian))\n\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_mipsel.deb\n    Size/MD5 checksum:  2992848 952d643be475c35e253a8757075cd41b\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_mipsel.deb\n    Size/MD5 checksum: 62135970 7cd635047e3f9bd000ff4547a47eaaec\n\ns390 architecture (IBM S/390)\n\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_s390.deb\n    Size/MD5 checksum:  3456914 6fc856a50b3f899c36381ed8d51af44e\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_s390.deb\n    Size/MD5 checksum: 64385860 98ded86952a2c6714ceba76a4a98c35b\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_sparc.deb\n    Size/MD5 checksum: 63621854 f0dd17453bc09fdc05c119faf2212d70\n\nhttp://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_sparc.deb\n    Size/MD5 checksum:  3499170 3f2084d6416459ce1416bd6f6f2845e3\n\n\n  These files will probably be moved into the stable distribution on\n  its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (GNU/Linux)\n\niEYEARECAAYFAksjbAYACgkQNxpp46476aqm7wCaAk6WARfBzzrdYYoxAUKA5weL\nV5YAmwRkz4XNwdcqnPzdeDzoakljqf1s\n=DBEQ\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. \nFell quite behind on this one, here it is. \n___________________________________________________________________\n\n      Phone \u0026iPod Touch - Remote arbritary code execution\n___________________________________________________________________\n\n\nReference : [GSEC-TZO-45-2009] - iPhone remote arbritary code execution\nWWW       : http://www.g-sec.lu/iphone-remote-code-exec.html\nCVE       : CVE-2009-1698\nBID       : 35318\nCredit    : http://support.apple.com/kb/HT3639\nDiscovered by : Thierry Zoller\n\nAffected products :\n- iPhone OS 1.x through 2.2.1\n- iPhone OS for iPod touch 1.x through 2.2.1\n\nI. Background\n\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\nWikipedia quote: \"Apple Inc. (NASDAQ: AAPL) is an American multinational corporation which designs and manufactures consumer electronics and software products. The company\u0027s best-known hardware products include \"\n\nII. Description\n\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\nCalling the CSS attr() attribute with a large number leads to memory corruption, heap spraying allows execution of code. \n\nIII. Impact\n\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\nArbitrary remote code execution can be achieved by creating a special website and entice\nthe victim into visiting that site. \n\nIV. Proof of concept\n\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\nNone will be released\n\n\nVI. About\n\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\\xa8\nG-SEC ltd. is an independent security consultancy group, founded to\naddress the growing need for allround (effective) security consultancy \nin Luxembourg. \n\nBy providing extensive security auditing, rigid policy design, and \nimplementation of cutting-edge defensive/offensive systems, G-SEC \nensures robust, thorough, and  uncompromising protection for \norganizations seeking enterprise wide data security. \n \n This update upgrades KDE in Mandriva Linux 2008.0 to version 3.5.10,\n which brings many bugfixes, overall improvements and many security\n fixes. \n \n kdegraphics contains security fixes for\n CVE-2009-3603,3604,3605,3606,3608,3609,0146,0147,0165,0166,0799,0800,1179,1180,1181,1182,1183\n \n kdelibs contains security fixes for\n CVE-2009-0689,1687,1690,1698,2702,1725,2537\n \n Packages for 2008.0 are provided for Corporate Desktop 2008.0\n customers",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2009-1698"
          },
          {
            "db": "ZDI",
            "id": "ZDI-09-032"
          },
          {
            "db": "VULHUB",
            "id": "VHN-39144"
          },
          {
            "db": "PACKETSTORM",
            "id": "85920"
          },
          {
            "db": "PACKETSTORM",
            "id": "83708"
          },
          {
            "db": "PACKETSTORM",
            "id": "85663"
          },
          {
            "db": "PACKETSTORM",
            "id": "78171"
          },
          {
            "db": "PACKETSTORM",
            "id": "82662"
          },
          {
            "db": "PACKETSTORM",
            "id": "83759"
          },
          {
            "db": "PACKETSTORM",
            "id": "79546"
          },
          {
            "db": "PACKETSTORM",
            "id": "84482"
          }
        ],
        "trust": 2.34
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-39144",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-39144"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2009-1698",
            "trust": 3.2
          },
          {
            "db": "ZDI",
            "id": "ZDI-09-032",
            "trust": 2.5
          },
          {
            "db": "VUPEN",
            "id": "ADV-2009-1522",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2009-1621",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2011-0212",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "37746",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "36790",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "35588",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "36062",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "35379",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "43068",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "36057",
            "trust": 1.7
          },
          {
            "db": "BID",
            "id": "35260",
            "trust": 1.7
          },
          {
            "db": "BID",
            "id": "35318",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1022345",
            "trust": 1.7
          },
          {
            "db": "OSVDB",
            "id": "55006",
            "trust": 1.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-441",
            "trust": 0.7
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200906-182",
            "trust": 0.7
          },
          {
            "db": "PACKETSTORM",
            "id": "79546",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "78171",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-39144",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "85920",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "83708",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "85663",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "82662",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "83759",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "84482",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-09-032"
          },
          {
            "db": "VULHUB",
            "id": "VHN-39144"
          },
          {
            "db": "PACKETSTORM",
            "id": "85920"
          },
          {
            "db": "PACKETSTORM",
            "id": "83708"
          },
          {
            "db": "PACKETSTORM",
            "id": "85663"
          },
          {
            "db": "PACKETSTORM",
            "id": "78171"
          },
          {
            "db": "PACKETSTORM",
            "id": "82662"
          },
          {
            "db": "PACKETSTORM",
            "id": "83759"
          },
          {
            "db": "PACKETSTORM",
            "id": "79546"
          },
          {
            "db": "PACKETSTORM",
            "id": "84482"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200906-182"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-1698"
          }
        ]
      },
      "id": "VAR-200901-0700",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-39144"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T22:52:31.273000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "Apple has issued an update to correct this vulnerability.",
            "trust": 0.7,
            "url": "http://support.apple.com/kb/HT3613"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-09-032"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-94",
            "trust": 1.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-39144"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-1698"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.5,
            "url": "http://support.apple.com/kb/ht3613"
          },
          {
            "trust": 1.8,
            "url": "http://support.apple.com/kb/ht3639"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00005.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/35260"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/35318"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/archive/1/504173/100/0/threaded"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/archive/1/504295/100/0/threaded"
          },
          {
            "trust": 1.7,
            "url": "http://www.debian.org/security/2009/dsa-1950"
          },
          {
            "trust": 1.7,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-july/msg01200.html"
          },
          {
            "trust": 1.7,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-july/msg01177.html"
          },
          {
            "trust": 1.7,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-july/msg01199.html"
          },
          {
            "trust": 1.7,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-july/msg01196.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2009:330"
          },
          {
            "trust": 1.7,
            "url": "http://blog.zoller.lu/2009/05/advisory-apple-safari-remote-code.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-09-032/"
          },
          {
            "trust": 1.7,
            "url": "http://osvdb.org/55006"
          },
          {
            "trust": 1.7,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9484"
          },
          {
            "trust": 1.7,
            "url": "http://www.redhat.com/support/errata/rhsa-2009-1128.html"
          },
          {
            "trust": 1.7,
            "url": "http://securitytracker.com/id?1022345"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/35379"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/35588"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/36057"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/36062"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/36790"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/37746"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/43068"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.ubuntu.com/usn/usn-822-1"
          },
          {
            "trust": 1.7,
            "url": "http://www.ubuntu.com/usn/usn-836-1"
          },
          {
            "trust": 1.7,
            "url": "http://www.ubuntu.com/usn/usn-857-1"
          },
          {
            "trust": 1.7,
            "url": "http://www.vupen.com/english/advisories/2009/1522"
          },
          {
            "trust": 1.7,
            "url": "http://www.vupen.com/english/advisories/2009/1621"
          },
          {
            "trust": 1.7,
            "url": "http://www.vupen.com/english/advisories/2011/0212"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1698"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1725"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1687"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1690"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0945"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1711"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1712"
          },
          {
            "trust": 0.3,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1687"
          },
          {
            "trust": 0.3,
            "url": "http://www.mandriva.com/security/"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2702"
          },
          {
            "trust": 0.3,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1690"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2537"
          },
          {
            "trust": 0.3,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1698"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0689"
          },
          {
            "trust": 0.3,
            "url": "http://www.mandriva.com/security/advisories"
          },
          {
            "trust": 0.3,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0689"
          },
          {
            "trust": 0.3,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1725"
          },
          {
            "trust": 0.3,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2702"
          },
          {
            "trust": 0.3,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2537"
          },
          {
            "trust": 0.2,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.2,
            "url": "http://packages.debian.org/\u003cpkg\u003e"
          },
          {
            "trust": 0.2,
            "url": "http://www.debian.org/security/faq"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1699"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1713"
          },
          {
            "trust": 0.2,
            "url": "http://security.debian.org/"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.2,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-designer_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqtcore4_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-test_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqtcore4_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-demos_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqtcore4_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-network_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-test_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-designer_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-svg_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qmake_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-psql_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qmake_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-network_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-test_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-script_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xml_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-doc_4.4.3-1+lenny1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-network_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-svg_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xml_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-help_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xml_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-psql_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-assistant_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-network_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-svg_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-assistant_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-test_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbus_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqtcore4_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qmake_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-script_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-help_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-x11_4.4.3.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-svg_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-doc-html_4.4.3-1+lenny1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-psql_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-demos_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-psql_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbg_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-assistant_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-assistant_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-svg_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-designer_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-psql_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbg_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqtgui4_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-network_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qmake_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-network_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-designer_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xml_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-demos_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqtgui4_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xml_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbus_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-demos_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-designer_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-help_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-ibase_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbus_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-svg_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-help_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xml_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-script_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-assistant_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-script_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqtgui4_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-help_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-psql_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-script_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbus_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-script_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-assistant_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-designer_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbus_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-script_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbus_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbg_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqtcore4_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbg_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-network_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xml_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-ibase_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-ibase_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xml_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqtgui4_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-psql_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqtgui4_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-demos_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-network_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqtgui4_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqtcore4_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqtcore4_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbus_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-svg_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbus_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-help_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbg_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qmake_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-demos_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-assistant_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-test_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqtgui4_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-demos_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-designer_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbus_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqtgui4_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-demos_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-test_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xml_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-designer_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qmake_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-script_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqtcore4_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-demos_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-test_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-test_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qmake_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbg_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-psql_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqtcore4_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqtcore4_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-psql_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-svg_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbg_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-script_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-assistant_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-network_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-test_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-demos_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-help_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqtgui4_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbg_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-designer_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-psql_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-help_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-script_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qmake_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-x11_4.4.3-1+lenny1.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqtgui4_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-designer_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xml_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2700"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-network_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-svg_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-help_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-psql_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qmake_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-designer_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-svg_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-test_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dev_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-help_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-assistant_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-demos_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbg_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-script_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qmake_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-ibase_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-svg_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqtgui4_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-assistant_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-test_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-help_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbg_4.4.3-1+lenny1_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xml_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-qt3support_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbus_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-gui_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-x11_4.4.3-1+lenny1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.4.3-1+lenny1_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-core_4.4.3-1+lenny1_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-network_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbus_4.4.3-1+lenny1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-designer_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-dev-tools_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-assistant_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-sql_4.4.3-1+lenny1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.4.3-1+lenny1_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qtconfig_4.4.3-1+lenny1_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-dbg_4.4.3-1+lenny1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/qt4-qmake_4.4.3-1+lenny1_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqtcore4_4.4.3-1+lenny1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/q/qt4-x11/libqt4-opengl_4.4.3-1+lenny1_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0945"
          },
          {
            "trust": 0.1,
            "url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
          },
          {
            "trust": 0.1,
            "url": "http://www.zerodayinitiative.com/advisories/zdi-09-032"
          },
          {
            "trust": 0.1,
            "url": "http://www.tippingpoint.com"
          },
          {
            "trust": 0.1,
            "url": "http://www.zerodayinitiative.com"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-network_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-psql_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-odbc_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-doc-html_4.4.3-0ubuntu1.4_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-x11_4.5.0.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-core_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-help_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtcore4_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xml_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbus_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-help_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtgui4_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qmake_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-dev-tools_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-test_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-designer_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-psql_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl-dev_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-core_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-assistant_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-qt3support_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-script_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-gui_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-qt3support_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbus_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbg_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-scripttools_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl-dev_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-qmake_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev-dbg_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtcore4_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-qt3support_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-script_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-svg_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-assistant_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-gui_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dev_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-x11_4.4.3-0ubuntu1.4.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-network_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-qtconfig_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dev-dbg_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-core_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-designer_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-designer_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-script_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbus_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qmake_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-demos_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtgui4_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-psql_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbg_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-x11_4.4.3-0ubuntu1.4.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-psql_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev-dbg_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-qtconfig_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-assistant_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos-dbg_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl-dev_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbus_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-dev-tools_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-designer_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtcore4_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-assistant_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-designer_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-scripttools_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-designer_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-svg_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-test_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-help_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dev-dbg_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-odbc_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-script_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools-dbg_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos-dbg_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbg_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-designer_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-gui_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-mysql_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-qt3support_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-help_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-test_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-core_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbg_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qtconfig_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-designer_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qtconfig_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtcore4_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xml_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-assistant_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xml_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xml_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-doc-html_4.5.0-0ubuntu4.3_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-dev-tools-dbg_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-designer_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-mysql_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-psql_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-help_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-core_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-demos_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtgui4_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-script_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-network_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-odbc_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-dev-tools_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-help_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-svg_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl-dev_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xml_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-core_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-svg_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-gui_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-mysql_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-psql_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xml_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-designer_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-mysql_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-scripttools_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-svg_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-designer_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-network_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-qtconfig_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-script_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-gui_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-assistant_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-script_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xml_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-network_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-network_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-svg_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dev_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtgui4_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-core_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-doc_4.4.3-0ubuntu1.4_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-designer_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos-dbg_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-gui_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-designer_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbus_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtgui4_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-demos_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtcore4_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-test_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-svg_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-dev-tools_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns-dbg_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtgui4_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qtconfig_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-assistant_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-test_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtgui4_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbg_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-test_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-help_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbg_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-network_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-assistant_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-designer_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-help_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbus_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-qt3support_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-odbc_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtcore4_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl-dev_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-core_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools-dbg_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-opengl_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-x11_4.4.3.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbus_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-script_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-gui_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qtconfig_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-help_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-designer_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-qt3support_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-designer_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-qt3support_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-gui_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-scripttools_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-core_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-assistant_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbg_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-network_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev-dbg_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtcore4_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-svg_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtgui4_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbus_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qtconfig_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-qt3support_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-psql_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xml_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbg_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-designer_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-scripttools_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dev_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbus_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtcore4_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-mysql_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-test_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-psql_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-script_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-demos_4.4.3-0ubuntu1.4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-dev-tools-dbg_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-demos_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qtconfig_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-designer_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-mysql_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-test_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-webkit-dbg_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xml_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/qt4-qmake_4.5.0-0ubuntu4.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-network_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtgui4_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-opengl-dev_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-webkit_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xml_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-odbc_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-sql-sqlite2_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-demos-dbg_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtcore4_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbg_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-test_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-doc_4.5.0-0ubuntu4.3_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqtcore4_4.4.3-0ubuntu1.4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-designer_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dev_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-psql_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-script_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-qtconfig_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-dev-tools-dbg_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-gui_4.5.0-0ubuntu4.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-svg_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqtgui4_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dev_4.4.3-0ubuntu1.4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-sqlite_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-qt3support_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-x11_4.5.0-0ubuntu4.3.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-qmake_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-gui_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-help_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-core_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-qt3support_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-dbus_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-x11_4.5.0-0ubuntu4.3.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-dbg_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-psql_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-sql-odbc_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-network_4.4.3-0ubuntu1.4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/libqt4-designer_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-svg_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-test_4.5.0-0ubuntu4.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-assistant_4.5.0-0ubuntu4.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/q/qt4-x11/qt4-demos-dbg_4.5.0-0ubuntu4.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/q/qt4-x11/libqt4-xmlpatterns_4.4.3-0ubuntu1.4_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1697"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-dev_1.0.1-4+lenny2_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/w/webkit/webkit_1.0.1-4+lenny2.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1681"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1692"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1714"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1694"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/w/webkit/webkit_1.0.1.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1710"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1693"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1684"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1695"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/w/webkit/webkit_1.0.1-4+lenny2.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1-dbg_1.0.1-4+lenny2_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_1.0.1-4+lenny2_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://www.g-sec.lu/iphone-remote-code-exec.html"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0147"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1180"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1179"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1182"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1181"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3605"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0166"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0146"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3603"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0166"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3606"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0800"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0799"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3609"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0165"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0147"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0799"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0165"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1180"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1183"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3608"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1182"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0800"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1181"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3604"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1179"
          },
          {
            "trust": 0.1,
            "url": "https://qa.mandriva.com/56485"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0146"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-1183"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-09-032"
          },
          {
            "db": "VULHUB",
            "id": "VHN-39144"
          },
          {
            "db": "PACKETSTORM",
            "id": "85920"
          },
          {
            "db": "PACKETSTORM",
            "id": "83708"
          },
          {
            "db": "PACKETSTORM",
            "id": "85663"
          },
          {
            "db": "PACKETSTORM",
            "id": "78171"
          },
          {
            "db": "PACKETSTORM",
            "id": "82662"
          },
          {
            "db": "PACKETSTORM",
            "id": "83759"
          },
          {
            "db": "PACKETSTORM",
            "id": "79546"
          },
          {
            "db": "PACKETSTORM",
            "id": "84482"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200906-182"
          },
          {
            "db": "NVD",
            "id": "CVE-2009-1698"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "ZDI",
            "id": "ZDI-09-032",
            "ident": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-39144",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "85920",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "83708",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "85663",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "78171",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "82662",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "83759",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "79546",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "84482",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200906-182",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2009-1698",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2009-06-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-09-032",
            "ident": null
          },
          {
            "date": "2009-06-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-39144",
            "ident": null
          },
          {
            "date": "2010-02-04T06:11:28",
            "db": "PACKETSTORM",
            "id": "85920",
            "ident": null
          },
          {
            "date": "2009-12-11T00:53:58",
            "db": "PACKETSTORM",
            "id": "83708",
            "ident": null
          },
          {
            "date": "2010-01-27T15:51:58",
            "db": "PACKETSTORM",
            "id": "85663",
            "ident": null
          },
          {
            "date": "2009-06-09T18:51:24",
            "db": "PACKETSTORM",
            "id": "78171",
            "ident": null
          },
          {
            "date": "2009-11-17T01:34:54",
            "db": "PACKETSTORM",
            "id": "82662",
            "ident": null
          },
          {
            "date": "2009-12-13T23:35:12",
            "db": "PACKETSTORM",
            "id": "83759",
            "ident": null
          },
          {
            "date": "2009-07-23T14:44:50",
            "db": "PACKETSTORM",
            "id": "79546",
            "ident": null
          },
          {
            "date": "2009-12-30T22:10:19",
            "db": "PACKETSTORM",
            "id": "84482",
            "ident": null
          },
          {
            "date": "2009-01-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200906-182",
            "ident": null
          },
          {
            "date": "2009-06-10T18:00:00.500000",
            "db": "NVD",
            "id": "CVE-2009-1698",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2009-06-08T00:00:00",
            "db": "ZDI",
            "id": "ZDI-09-032",
            "ident": null
          },
          {
            "date": "2018-10-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-39144",
            "ident": null
          },
          {
            "date": "2022-08-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200906-182",
            "ident": null
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2009-1698",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "85663"
          },
          {
            "db": "PACKETSTORM",
            "id": "78171"
          },
          {
            "db": "PACKETSTORM",
            "id": "79546"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200906-182"
          }
        ],
        "trust": 0.9
      },
      "title": {
        "_id": null,
        "data": "Apple WebKit attr() Invalid Attribute Memory Corruption Vulnerability",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-09-032"
          }
        ],
        "trust": 0.7
      },
      "type": {
        "_id": null,
        "data": "code injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200906-182"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201302-0150

    Vulnerability from variot - Updated: 2026-04-10 22:50

    Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2013-0642 , CVE-2013-1365 , CVE-2013-1366 , CVE-2013-1367 , CVE-2013-1368 , CVE-2013-1369 , CVE-2013-1370 , CVE-2013-1372 ,and CVE-2013-1373 Is a different vulnerability.An attacker could execute arbitrary code. Note: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2013:0254-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0254.html Issue date: 2013-02-13 CVE Names: CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 CVE-2013-1373 CVE-2013-1374 =====================================================================

    1. Summary:

    An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.

    The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

    1. Description:

    The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security bulletin APSB13-05, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. (CVE-2013-0638, CVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647, CVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)

    A flaw in flash-plugin could allow an attacker to obtain sensitive information if a victim were tricked into visiting a specially-crafted web page.

    1. Solution:

    Before applying this update, make sure all previously-released errata relevant to your system have been applied.

    This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258

    1. Bugs fixed (http://bugzilla.redhat.com/):

    910570 - flash-plugin: multiple code execution flaws (APSB13-05) 910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)

    1. Package List:

    Red Hat Enterprise Linux Desktop Supplementary (v. 5):

    i386: flash-plugin-11.2.202.270-1.el5.i386.rpm

    x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm

    Red Hat Enterprise Linux Server Supplementary (v. 5):

    i386: flash-plugin-11.2.202.270-1.el5.i386.rpm

    x86_64: flash-plugin-11.2.202.270-1.el5.i386.rpm

    Red Hat Enterprise Linux Desktop Supplementary (v. 6):

    i386: flash-plugin-11.2.202.270-1.el6.i686.rpm

    x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm

    Red Hat Enterprise Linux Server Supplementary (v. 6):

    i386: flash-plugin-11.2.202.270-1.el6.i686.rpm

    x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm

    Red Hat Enterprise Linux Workstation Supplementary (v. 6):

    i386: flash-plugin-11.2.202.270-1.el6.i686.rpm

    x86_64: flash-plugin-11.2.202.270-1.el6.i686.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

    1. References:

    https://www.redhat.com/security/data/cve/CVE-2013-0637.html https://www.redhat.com/security/data/cve/CVE-2013-0638.html https://www.redhat.com/security/data/cve/CVE-2013-0639.html https://www.redhat.com/security/data/cve/CVE-2013-0642.html https://www.redhat.com/security/data/cve/CVE-2013-0644.html https://www.redhat.com/security/data/cve/CVE-2013-0645.html https://www.redhat.com/security/data/cve/CVE-2013-0647.html https://www.redhat.com/security/data/cve/CVE-2013-0649.html https://www.redhat.com/security/data/cve/CVE-2013-1365.html https://www.redhat.com/security/data/cve/CVE-2013-1366.html https://www.redhat.com/security/data/cve/CVE-2013-1367.html https://www.redhat.com/security/data/cve/CVE-2013-1368.html https://www.redhat.com/security/data/cve/CVE-2013-1369.html https://www.redhat.com/security/data/cve/CVE-2013-1370.html https://www.redhat.com/security/data/cve/CVE-2013-1372.html https://www.redhat.com/security/data/cve/CVE-2013-1373.html https://www.redhat.com/security/data/cve/CVE-2013-1374.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb13-05.html

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)

    iD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs pnyD10c/hdKGIm0b1Kjv3eY= =+cgh -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .

    Background

    The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details.

    Impact

    A remote attacker could entice a user to open specially crafted SWF content, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass access restrictions.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Adobe Flash Player users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.310"

    References

    [ 1 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 2 ] CVE-2012-5248 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248 [ 3 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 4 ] CVE-2012-5249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249 [ 5 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 6 ] CVE-2012-5250 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250 [ 7 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 8 ] CVE-2012-5251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251 [ 9 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 10 ] CVE-2012-5252 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252 [ 11 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 12 ] CVE-2012-5253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253 [ 13 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 14 ] CVE-2012-5254 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254 [ 15 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 16 ] CVE-2012-5255 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255 [ 17 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 18 ] CVE-2012-5256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256 [ 19 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 20 ] CVE-2012-5257 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257 [ 21 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 22 ] CVE-2012-5258 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258 [ 23 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 24 ] CVE-2012-5259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259 [ 25 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 26 ] CVE-2012-5260 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260 [ 27 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 28 ] CVE-2012-5261 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261 [ 29 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 30 ] CVE-2012-5262 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262 [ 31 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 32 ] CVE-2012-5263 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263 [ 33 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 34 ] CVE-2012-5264 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264 [ 35 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 36 ] CVE-2012-5265 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265 [ 37 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 38 ] CVE-2012-5266 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266 [ 39 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 40 ] CVE-2012-5267 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267 [ 41 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 42 ] CVE-2012-5268 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268 [ 43 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 44 ] CVE-2012-5269 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269 [ 45 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 46 ] CVE-2012-5270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270 [ 47 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 48 ] CVE-2012-5271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271 [ 49 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 50 ] CVE-2012-5272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272 [ 51 ] CVE-2012-5274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274 [ 52 ] CVE-2012-5275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275 [ 53 ] CVE-2012-5276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276 [ 54 ] CVE-2012-5277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277 [ 55 ] CVE-2012-5278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278 [ 56 ] CVE-2012-5279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279 [ 57 ] CVE-2012-5280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280 [ 58 ] CVE-2012-5676 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676 [ 59 ] CVE-2012-5677 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677 [ 60 ] CVE-2012-5678 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678 [ 61 ] CVE-2013-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504 [ 62 ] CVE-2013-0630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630 [ 63 ] CVE-2013-0633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633 [ 64 ] CVE-2013-0634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634 [ 65 ] CVE-2013-0637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637 [ 66 ] CVE-2013-0638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638 [ 67 ] CVE-2013-0639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639 [ 68 ] CVE-2013-0642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642 [ 69 ] CVE-2013-0643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643 [ 70 ] CVE-2013-0644 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644 [ 71 ] CVE-2013-0645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645 [ 72 ] CVE-2013-0646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646 [ 73 ] CVE-2013-0647 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647 [ 74 ] CVE-2013-0648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648 [ 75 ] CVE-2013-0649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649 [ 76 ] CVE-2013-0650 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650 [ 77 ] CVE-2013-1365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365 [ 78 ] CVE-2013-1366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366 [ 79 ] CVE-2013-1367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367 [ 80 ] CVE-2013-1368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368 [ 81 ] CVE-2013-1369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369 [ 82 ] CVE-2013-1370 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370 [ 83 ] CVE-2013-1371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371 [ 84 ] CVE-2013-1372 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372 [ 85 ] CVE-2013-1373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373 [ 86 ] CVE-2013-1374 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374 [ 87 ] CVE-2013-1375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375 [ 88 ] CVE-2013-1378 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378 [ 89 ] CVE-2013-1379 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379 [ 90 ] CVE-2013-1380 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380 [ 91 ] CVE-2013-2555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555 [ 92 ] CVE-2013-2728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728 [ 93 ] CVE-2013-3343 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343 [ 94 ] CVE-2013-3344 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344 [ 95 ] CVE-2013-3345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345 [ 96 ] CVE-2013-3347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347 [ 97 ] CVE-2013-3361 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361 [ 98 ] CVE-2013-3362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362 [ 99 ] CVE-2013-3363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363 [ 100 ] CVE-2013-5324 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201309-06.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5 . ----------------------------------------------------------------------

    The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/


    TITLE: Adobe Flash Player / AIR Multiple Vulnerabilities

    SECUNIA ADVISORY ID: SA52166

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52166/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52166

    RELEASE DATE: 2013-02-12

    DISCUSS ADVISORY: http://secunia.com/advisories/52166/#comments

    AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

    http://secunia.com/advisories/52166/

    ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

    https://ca.secunia.com/?page=viewadvisory&vuln_id=52166

    ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

    http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

    DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player and AIR, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.

    1) Some unspecified errors can be exploited to cause buffer overflows.

    2) Some use-after-free errors can be exploited to dereference already freed memory.

    4) An unspecified error can be exploited to corrupt memory.

    5) An unspecified error can be exploited to corrupt memory.

    6) An unspecified error can be exploited to disclose certain sensitive information.

    Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    PROVIDED AND/OR DISCOVERED BY: 1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna, Google 3) The vendor credits Natalie Silvanovich, BlackBerry Security, Research in Motion 4) The vendor credits Damian Put via iDefense 6) Reported by the vendor.

    ORIGINAL ADVISORY: Adobe (APSB13-05): http://www.adobe.com/support/security/bulletins/apsb13-05.html

    OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


    About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.3.183.61"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.6.602.168"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.6"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "3.6.0.599"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.6.602.167"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.1.115.47"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.3.183.63"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.1.111.43"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "11.2.202.270"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "3.6.0.597"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "google",
            "version": ")"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "android)"
          },
          {
            "_id": null,
            "model": "windows",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "macintosh"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(android 2.x    3.x)"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(android 4.x)"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "android)"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.6.602.167"
          },
          {
            "_id": null,
            "model": "internet explorer",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "10 (adobe flash player 11.6.602.167"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "10.3.183.61"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.x (linux)"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "macintosh"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.6.602.168"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.1.115.47"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(windows"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.x (windows)"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.1.111.43"
          },
          {
            "_id": null,
            "model": "windows server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "2012 (adobe flash player 11.6.602.167"
          },
          {
            "_id": null,
            "model": "internet explorer",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "3.6.0.597"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "3.6.0.59x (air for ios include ) (windows"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.2.202.270"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(air for ios include ) (windows"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "3.6.0.599"
          },
          {
            "_id": null,
            "model": "air sdk",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "3.6.0.597"
          },
          {
            "_id": null,
            "model": "windows 8",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "for 64-bit systems (adobe flash player 11.6.602.167"
          },
          {
            "_id": null,
            "model": "windows server",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "10.3.183.63"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(macintosh    linux)"
          },
          {
            "_id": null,
            "model": "windows 8",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "for 32-bit systems (adobe flash player 11.6.602.167"
          },
          {
            "_id": null,
            "model": "windows 8",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": ")"
          },
          {
            "_id": null,
            "model": "windows",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "microsoft",
            "version": "rt (adobe flash player 11.6.602.167"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "(windows)"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "11.x (macintosh)"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "google",
            "version": "(windows/linux/macintosh : adobe flash player 11.6.602.167"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.186.7"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.183.48"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.183.15"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.181.16"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.181.14"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.183.19"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.183.10"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.181.23"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.181.22"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.185.24"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "12.1"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11.4"
          },
          {
            "_id": null,
            "model": "hat enterprise linux workstation supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux supplementary server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop supplementary client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "57916"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-170"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001484"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-0645"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:google:chrome",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:adobe_air",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:adobe_air_sdk",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:flash_player",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:microsoft:internet_explorer",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_8",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:microsoft:windows_server",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001484"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Mateusz Jurczyk, Gynvael Coldwind, and Fermin Serna of the Google Security Team",
        "sources": [
          {
            "db": "BID",
            "id": "57916"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2013-0645",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2013-0645",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-60647",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2013-0645",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2013-0645",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201302-170",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-60647",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-60647"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-170"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001484"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-0645"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, CVE-2013-1372, and CVE-2013-1373. Adobe Flash Player Contains a buffer overflow vulnerability. This vulnerability CVE-2013-0642 , CVE-2013-1365 , CVE-2013-1366 , CVE-2013-1367 , CVE-2013-1368 , CVE-2013-1369 , CVE-2013-1370 , CVE-2013-1372 ,and CVE-2013-1373 Is a different vulnerability.An attacker could execute arbitrary code. \nNote: This issue was previously covered in BID 57907 (Adobe Flash Player and AIR APSB13-05 Multiple Security Vulnerabilities), but has been given its own record to better document it. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Critical: flash-plugin security update\nAdvisory ID:       RHSA-2013:0254-01\nProduct:           Red Hat Enterprise Linux Extras\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2013-0254.html\nIssue date:        2013-02-13\nCVE Names:         CVE-2013-0637 CVE-2013-0638 CVE-2013-0639 \n                   CVE-2013-0642 CVE-2013-0644 CVE-2013-0645 \n                   CVE-2013-0647 CVE-2013-0649 CVE-2013-1365 \n                   CVE-2013-1366 CVE-2013-1367 CVE-2013-1368 \n                   CVE-2013-1369 CVE-2013-1370 CVE-2013-1372 \n                   CVE-2013-1373 CVE-2013-1374 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in. These\nvulnerabilities are detailed in the Adobe Security bulletin APSB13-05,\nlisted in the References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code when a victim\nloads a page containing the malicious SWF content. (CVE-2013-0638,\nCVE-2013-0639, CVE-2013-0642, CVE-2013-0644, CVE-2013-0645, CVE-2013-0647,\nCVE-2013-0649, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368,\nCVE-2013-1369, CVE-2013-1370, CVE-2013-1372, CVE-2013-1373, CVE-2013-1374)\n\nA flaw in flash-plugin could allow an attacker to obtain sensitive\ninformation if a victim were tricked into visiting a specially-crafted web\npage. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n910570 - flash-plugin: multiple code execution flaws (APSB13-05)\n910571 - CVE-2013-0637 flash-plugin: information disclosure flaw (APSB13-05)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-11.2.202.270-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-0637.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0638.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0639.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0642.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0644.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0645.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0647.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0649.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1365.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1366.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1367.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1368.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1369.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1370.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1372.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1373.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1374.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e.  More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFRG2NzXlSAg2UNWIIRAjGKAJ4lnleOpb7dBn8s/DCk7wAK9qbQJACgm3Vs\npnyD10c/hdKGIm0b1Kjv3eY=\n=+cgh\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open specially crafted SWF\ncontent, possibly resulting in execution of arbitrary code with the\nprivileges of the process or a Denial of Service condition. \nFurthermore, a remote attacker may be able to bypass access\nrestrictions. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-11.2.202.310\"\n\nReferences\n==========\n\n[   1 ] CVE-2012-5248\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[   2 ] CVE-2012-5248\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5248\n[   3 ] CVE-2012-5249\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[   4 ] CVE-2012-5249\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5249\n[   5 ] CVE-2012-5250\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[   6 ] CVE-2012-5250\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5250\n[   7 ] CVE-2012-5251\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[   8 ] CVE-2012-5251\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5251\n[   9 ] CVE-2012-5252\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[  10 ] CVE-2012-5252\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5252\n[  11 ] CVE-2012-5253\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[  12 ] CVE-2012-5253\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5253\n[  13 ] CVE-2012-5254\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[  14 ] CVE-2012-5254\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5254\n[  15 ] CVE-2012-5255\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[  16 ] CVE-2012-5255\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5255\n[  17 ] CVE-2012-5256\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[  18 ] CVE-2012-5256\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5256\n[  19 ] CVE-2012-5257\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[  20 ] CVE-2012-5257\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5257\n[  21 ] CVE-2012-5258\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[  22 ] CVE-2012-5258\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5258\n[  23 ] CVE-2012-5259\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[  24 ] CVE-2012-5259\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5259\n[  25 ] CVE-2012-5260\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[  26 ] CVE-2012-5260\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5260\n[  27 ] CVE-2012-5261\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[  28 ] CVE-2012-5261\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5261\n[  29 ] CVE-2012-5262\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[  30 ] CVE-2012-5262\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5262\n[  31 ] CVE-2012-5263\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[  32 ] CVE-2012-5263\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5263\n[  33 ] CVE-2012-5264\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[  34 ] CVE-2012-5264\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5264\n[  35 ] CVE-2012-5265\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[  36 ] CVE-2012-5265\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5265\n[  37 ] CVE-2012-5266\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[  38 ] CVE-2012-5266\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5266\n[  39 ] CVE-2012-5267\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[  40 ] CVE-2012-5267\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5267\n[  41 ] CVE-2012-5268\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[  42 ] CVE-2012-5268\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5268\n[  43 ] CVE-2012-5269\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[  44 ] CVE-2012-5269\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5269\n[  45 ] CVE-2012-5270\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[  46 ] CVE-2012-5270\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5270\n[  47 ] CVE-2012-5271\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[  48 ] CVE-2012-5271\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5271\n[  49 ] CVE-2012-5272\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[  50 ] CVE-2012-5272\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5272\n[  51 ] CVE-2012-5274\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5274\n[  52 ] CVE-2012-5275\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5275\n[  53 ] CVE-2012-5276\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5276\n[  54 ] CVE-2012-5277\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5277\n[  55 ] CVE-2012-5278\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5278\n[  56 ] CVE-2012-5279\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5279\n[  57 ] CVE-2012-5280\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5280\n[  58 ] CVE-2012-5676\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5676\n[  59 ] CVE-2012-5677\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5677\n[  60 ] CVE-2012-5678\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5678\n[  61 ] CVE-2013-0504\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0504\n[  62 ] CVE-2013-0630\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0630\n[  63 ] CVE-2013-0633\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0633\n[  64 ] CVE-2013-0634\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0634\n[  65 ] CVE-2013-0637\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0637\n[  66 ] CVE-2013-0638\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0638\n[  67 ] CVE-2013-0639\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0639\n[  68 ] CVE-2013-0642\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0642\n[  69 ] CVE-2013-0643\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0643\n[  70 ] CVE-2013-0644\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0644\n[  71 ] CVE-2013-0645\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0645\n[  72 ] CVE-2013-0646\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0646\n[  73 ] CVE-2013-0647\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0647\n[  74 ] CVE-2013-0648\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0648\n[  75 ] CVE-2013-0649\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0649\n[  76 ] CVE-2013-0650\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0650\n[  77 ] CVE-2013-1365\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1365\n[  78 ] CVE-2013-1366\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1366\n[  79 ] CVE-2013-1367\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1367\n[  80 ] CVE-2013-1368\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1368\n[  81 ] CVE-2013-1369\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1369\n[  82 ] CVE-2013-1370\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1370\n[  83 ] CVE-2013-1371\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1371\n[  84 ] CVE-2013-1372\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1372\n[  85 ] CVE-2013-1373\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1373\n[  86 ] CVE-2013-1374\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1374\n[  87 ] CVE-2013-1375\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1375\n[  88 ] CVE-2013-1378\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1378\n[  89 ] CVE-2013-1379\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1379\n[  90 ] CVE-2013-1380\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1380\n[  91 ] CVE-2013-2555\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2555\n[  92 ] CVE-2013-2728\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2728\n[  93 ] CVE-2013-3343\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3343\n[  94 ] CVE-2013-3344\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3344\n[  95 ] CVE-2013-3345\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3345\n[  96 ] CVE-2013-3347\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3347\n[  97 ] CVE-2013-3361\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3361\n[  98 ] CVE-2013-3362\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3362\n[  99 ] CVE-2013-3363\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3363\n[ 100 ] CVE-2013-5324\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5324\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201309-06.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2013 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player / AIR Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA52166\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/52166/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nRELEASE DATE:\n2013-02-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/52166/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/52166/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Flash Player and\nAIR, which can be exploited by malicious people to disclose certain\nsensitive information and compromise a user\u0027s system. \n\n1) Some unspecified errors can be exploited to cause buffer\noverflows. \n\n2) Some use-after-free errors can be exploited to dereference already\nfreed memory. \n\n4) An unspecified error can be exploited to corrupt memory. \n\n5) An unspecified error can be exploited to corrupt memory. \n\n6) An unspecified error can be exploited to disclose certain\nsensitive information. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1, 2, 5) The vendor credits Mateusz Jurczyk, Gynvael Coldwind, and\nFermin Serna, Google\n3) The vendor credits Natalie Silvanovich, BlackBerry Security,\nResearch in Motion\n4) The vendor credits Damian Put via iDefense\n6) Reported by the vendor. \n\nORIGINAL ADVISORY:\nAdobe (APSB13-05):\nhttp://www.adobe.com/support/security/bulletins/apsb13-05.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-0645"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001484"
          },
          {
            "db": "BID",
            "id": "57916"
          },
          {
            "db": "VULHUB",
            "id": "VHN-60647"
          },
          {
            "db": "PACKETSTORM",
            "id": "120268"
          },
          {
            "db": "PACKETSTORM",
            "id": "123225"
          },
          {
            "db": "PACKETSTORM",
            "id": "120239"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2013-0645",
            "trust": 3.0
          },
          {
            "db": "USCERT",
            "id": "TA13-043A",
            "trust": 1.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001484",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-170",
            "trust": 0.7
          },
          {
            "db": "SECUNIA",
            "id": "52166",
            "trust": 0.7
          },
          {
            "db": "SECUNIA",
            "id": "52164",
            "trust": 0.6
          },
          {
            "db": "SECUNIA",
            "id": "52197",
            "trust": 0.6
          },
          {
            "db": "SECUNIA",
            "id": "52203",
            "trust": 0.6
          },
          {
            "db": "SECUNIA",
            "id": "52163",
            "trust": 0.6
          },
          {
            "db": "BID",
            "id": "57916",
            "trust": 0.4
          },
          {
            "db": "VULHUB",
            "id": "VHN-60647",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "120268",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "123225",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "120239",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-60647"
          },
          {
            "db": "BID",
            "id": "57916"
          },
          {
            "db": "PACKETSTORM",
            "id": "120268"
          },
          {
            "db": "PACKETSTORM",
            "id": "123225"
          },
          {
            "db": "PACKETSTORM",
            "id": "120239"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-170"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001484"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-0645"
          }
        ]
      },
      "id": "VAR-201302-0150",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-60647"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T22:50:51.669000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "APSB13-05",
            "trust": 0.8,
            "url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
          },
          {
            "title": "APSB13-05 (cq02121817)",
            "trust": 0.8,
            "url": "http://helpx.adobe.com/jp/flash-player/kb/cq02121817.html"
          },
          {
            "title": "Google Chrome",
            "trust": 0.8,
            "url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
          },
          {
            "title": "Stable Channel Update",
            "trust": 0.8,
            "url": "http://googlechromereleases.blogspot.jp/2013/02/stable-channel-update_12.html"
          },
          {
            "title": "Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)",
            "trust": 0.8,
            "url": "http://technet.microsoft.com/en-us/security/advisory/2755801"
          },
          {
            "title": "openSUSE-SU-2013:0295",
            "trust": 0.8,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
          },
          {
            "title": "SUSE-SU-2013:0296",
            "trust": 0.8,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
          },
          {
            "title": "openSUSE-SU-2013:0298",
            "trust": 0.8,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
          },
          {
            "title": "RHSA-2013:0254",
            "trust": 0.8,
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0254.html"
          },
          {
            "title": "Internet Explorer 10 \u4e0a\u306e Adobe Flash Player \u306e\u8106\u5f31\u6027\u7528\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0 (2755801)",
            "trust": 0.8,
            "url": "http://technet.microsoft.com/ja-jp/security/advisory/2755801"
          },
          {
            "title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Flash Player \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
            "trust": 0.8,
            "url": "http://www.fmworld.net/biz/common/adobe/20130214f.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001484"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-60647"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001484"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-0645"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 1.9,
            "url": "http://www.us-cert.gov/cas/techalerts/ta13-043a.html"
          },
          {
            "trust": 1.9,
            "url": "http://www.adobe.com/support/security/bulletins/apsb13-05.html"
          },
          {
            "trust": 1.2,
            "url": "http://rhn.redhat.com/errata/rhsa-2013-0254.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0645"
          },
          {
            "trust": 0.8,
            "url": "http://www.ipa.go.jp/security/ciadr/vul/20130213-adobeflashplayer.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.jpcert.or.jp/at/2013/at130010.txt"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta13-043a"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0645"
          },
          {
            "trust": 0.8,
            "url": "http://www.npa.go.jp/cyberpolice/topics/?seq=10777"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/52163"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/52164"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/52166"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/52197"
          },
          {
            "trust": 0.6,
            "url": "http://secunia.com/advisories/52203"
          },
          {
            "trust": 0.3,
            "url": "http://www.adobe.com/products/air/"
          },
          {
            "trust": 0.3,
            "url": "http://www.adobe.com/products/flash/"
          },
          {
            "trust": 0.3,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200903-23.xml"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0647.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0649.html"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#critical"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0644.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1373.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1366"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0647"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1374.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0638"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1370"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1373"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1367"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1368"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1372"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1368.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0645.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0639"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0642.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1365.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1372.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1374"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/knowledge/articles/11258"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0645"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1366.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1365"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1369.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0637.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0638.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0637"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0649"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0644"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/key/#package"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1367.html"
          },
          {
            "trust": 0.1,
            "url": "http://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-1370.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-0639.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0642"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1369"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0650"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1379"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5254"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5257"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5265"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3363"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3347"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5277"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5251"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5267"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5324"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0648"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5257"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5264"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0630"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3343"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5256"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5249"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5280"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5248"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5269"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5261"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5259"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-201309-06.xml"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1374"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5260"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3362"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5279"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5255"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5250"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0646"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0647"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1370"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5260"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5249"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5276"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5253"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5258"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1367"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1366"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1372"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5271"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5261"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0637"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5252"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3344"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5278"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5274"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0634"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5259"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5268"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5263"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5253"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5254"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0639"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0645"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3345"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5256"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1368"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0643"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5275"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5266"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2555"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5262"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1371"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0642"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1365"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5258"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5251"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1369"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2728"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1378"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0504"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5250"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0638"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5248"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5676"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5272"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5677"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0644"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1380"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0633"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3361"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5255"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5678"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1375"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5270"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0649"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-5252"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1373"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/52166/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_intelligence/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52166"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/52166/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/blog/325/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-60647"
          },
          {
            "db": "BID",
            "id": "57916"
          },
          {
            "db": "PACKETSTORM",
            "id": "120268"
          },
          {
            "db": "PACKETSTORM",
            "id": "123225"
          },
          {
            "db": "PACKETSTORM",
            "id": "120239"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-170"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001484"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-0645"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-60647",
            "ident": null
          },
          {
            "db": "BID",
            "id": "57916",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "120268",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "123225",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "120239",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-170",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001484",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2013-0645",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2013-02-12T00:00:00",
            "db": "VULHUB",
            "id": "VHN-60647",
            "ident": null
          },
          {
            "date": "2013-02-12T00:00:00",
            "db": "BID",
            "id": "57916",
            "ident": null
          },
          {
            "date": "2013-02-13T19:12:55",
            "db": "PACKETSTORM",
            "id": "120268",
            "ident": null
          },
          {
            "date": "2013-09-14T15:19:13",
            "db": "PACKETSTORM",
            "id": "123225",
            "ident": null
          },
          {
            "date": "2013-02-12T06:40:24",
            "db": "PACKETSTORM",
            "id": "120239",
            "ident": null
          },
          {
            "date": "2013-02-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201302-170",
            "ident": null
          },
          {
            "date": "2013-02-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-001484",
            "ident": null
          },
          {
            "date": "2013-02-12T20:55:04.497000",
            "db": "NVD",
            "id": "CVE-2013-0645",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2018-12-06T00:00:00",
            "db": "VULHUB",
            "id": "VHN-60647",
            "ident": null
          },
          {
            "date": "2013-09-17T00:15:00",
            "db": "BID",
            "id": "57916",
            "ident": null
          },
          {
            "date": "2013-02-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201302-170",
            "ident": null
          },
          {
            "date": "2013-03-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-001484",
            "ident": null
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2013-0645",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-170"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Adobe Flash Player Vulnerable to buffer overflow",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-001484"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201302-170"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200707-0675

    Vulnerability from variot - Updated: 2026-04-10 22:49

    The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug.". Deficiencies in the DNS protocol and common DNS implementations facilitate DNS cache poisoning attacks. ISC (Internet Systems Consortiuim) BIND generates cryptographically weak DNS query IDs which could allow a remote attacker to poison DNS caches. In IP NAT filtering in Sun Solaris 10 and OpenSolaris series products, when a DNS server runs NAT, it incorrectly changes the original address of the data packet. When the destination address is a DNS port, it will allow remote attackers to bypass CVE-2008 -1447 security protection. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks

    Advisory ID: cisco-sa-20080708-dns

    http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml

    Revision 1.0

    For Public Release 2008 July 08 1800 UTC (GMT)

    Summary

    Multiple Cisco products are vulnerable to DNS cache poisoning attacks due to their use of insufficiently randomized DNS transaction IDs and UDP source ports in the DNS queries that they produce, which may allow an attacker to more easily forge DNS answers that can poison DNS caches.

    To exploit this vulnerability an attacker must be able to cause a vulnerable DNS server to perform recursive DNS queries. Therefore, DNS servers that are only authoritative, or servers where recursion is not allowed, are not affected.

    Cisco has released free software updates that address this vulnerability.

    This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml.

    This security advisory is being published simultaneously with announcements from other affected organizations. Products that process DNS messages with the RD flag set will attempt to answer the question asked on behalf of the client. A product is only affected if using a vulnerable implementation of the DNS protocol, the DNS server functionality for the product is enabled, and the DNS feature for the product is configured to process recursive DNS query messages.

    Vulnerable Products +------------------

    The following Cisco products are capable of acting as DNS servers and have been found to have the DNS implementation weakness that makes some types of DNS cache poisoning attacks more likely to succeed:

    • Cisco IOS Software

      A device that is running Cisco IOS Software will be affected if it is running a vulnerable version and if it is acting as a DNS server.

      All Cisco IOS Software releases that support the DNS server functionality and that have not had their DNS implementation improved are affected. For information about specific fixed versions, please refer to the Software Versions and Fixes section.

      A device that is running Cisco IOS Software is configured to act as a DNS server if the command "ip dns server" is present in the configuration. This command is not enabled by default.

    • Cisco Network Registrar

      All Cisco Network Registrar versions are affected, and DNS services are enabled by default.

      The DNS server on CNR is enabled via the command-line interface (CLI) commands "server dns enable start-on-reboot" or "dns enable start-on-reboot" or via the web management interface in the Servers page by selecting the appropriate "Start," "Stop," or "Reload" button.

    • Cisco Application and Content Networking System

      All Cisco Application and Content Networking System (ACNS) versions are affected; DNS services are disabled by default.

      ACNS is configured to act as a DNS server if the command "dns enable" is present in the configuration.

    • Cisco Global Site Selector Used in Combination with Cisco Network Registrar

      The Cisco Global Site Selector (GSS) is affected when it is used in combination with Cisco Network Registrar software to provide a more complete DNS solution. Fixed software would come in the form of an update of the Cisco Network Registrar software rather than an update of the GSS software.

    Products Confirmed Not Vulnerable +--------------------------------

    Products that do not offer DNS server capabilities are not affected by this vulnerability.

    The Cisco GSS by itself is not affected by this vulnerability. However, it is affected when it is used with Cisco Network Registrar software.

    No other Cisco products are currently known to be affected by these vulnerabilities.

    Details

    The Domain Name System is an integral part of networks that are based on TCP/IP such as the Internet. Simply stated, the Domain Name System is a hierarchical database that contains mappings of hostnames and IP addresses. When handling a query from a DNS client, a DNS server can look into its portion of the global DNS database (if the query is for a portion of the DNS database for which the DNS server is authoritative), or it can relay the query to other DNS servers (if it is configured to do so and if the query is for a portion of the DNS database for which the DNS server is not authoritative.)

    Because of the processing time and bandwidth that is associated with handling a DNS query, most DNS servers locally store responses that are received from other DNS servers. The area where these responses are stored locally is called a "cache." Once a response is stored in a cache, the DNS server can use the locally stored response for a certain time (called the "time to live") before having to query DNS servers again to refresh the local (cached) copy of the response. For example, if www.example.com is mapped to the IP address 192.168.0.1 and this mapping is present in the cache of a DNS server, an attacker who succeeds in poisoning the DNS cache of this server may be able to map www.example.com to 10.0.0.1 instead. If this happens, a user who is trying to visit www.example.com may end up contacting the wrong web server. The fundamental implementation weakness is that the DNS transaction ID and source port number used to validate DNS responses are not sufficiently randomized and can easily be predicted, which allows an attacker to create forged responses to DNS queries that will match the expected values. The DNS server will consider such responses to be valid.

    The following Cisco products that offer DNS server functionality have been found to be susceptible to DNS cache poisoning attacks:

    • Cisco IOS Software: The vulnerability documented in Cisco bug ID CSCso81854.

    • Cisco Network Registrar: The vulnerability documented in Cisco bug ID CSCsq01298.

    • Cisco Application and Content Networking System (ACNS): The vulnerability documented in Cisco bug ID CSCsq21930.

    This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID CVE-2008-1447.

    Vulnerability Scoring Details +----------------------------

    Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0.

    CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response.

    Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks.

    Cisco has provided an FAQ to answer additional questions regarding CVSS at

    http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html

    Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at

    http://intellishield.cisco.com/security/alertmanager/cvss

    Cisco Bugs:

    • DNS cache prone to poisoning/forged answers attacks (CSCsq21930)

    • DNS susceptible to forged query response attacks (CSCsq01298)

    • Need to make DNS implementation more resilient against forged answers (CSCso81854)

    CVSS Base Score - 6.4 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - Partial Availability Impact - Partial

    CVSS Temporal Score - 5.3 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed

    (same score for the three Cisco bugs listed above.)

    Impact

    Successful exploitation of the vulnerability described in this document may result in invalid hostname-to-IP address mappings in the cache of an affected DNS server. This may lead users of this DNS server to contact the wrong provider of network services. The ultimate impact varies greatly, ranging from a simple denial of service (for example, making www.example.com resolve to 127.0.0.1) to phishing and financial fraud.

    Software Versions and Fixes

    When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution.

    In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance.

    Cisco IOS Software +-----------------

    Each row of the Cisco IOS Software table (below) names a Cisco IOS Software release train. If a given release train is vulnerable, then the earliest possible releases that contain the fix (along with the anticipated date of availability for each, if applicable) are listed in the "First Fixed Release" column of the table. The "Recommended Release" column indicates the releases which have fixes for all the published vulnerabilities at the time of this Advisory. A device running a release in the given train that is earlier than the release in a specific column (less than the First Fixed Release) is known to be vulnerable. Cisco recommends upgrading to a release equal to or later than the release in the "Recommended Releases" column of the table.

    +----------------------------------------+ | Major | Availability of | | Release | Repaired Releases | |------------+---------------------------| | Affected | First Fixed | Recommended | | 12.0-Based | Release | Release | | Releases | | | |------------+-------------+-------------| | 12.0 | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0DA | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.0(7)DB | | | | are | | | | vulnerable, | 12.4(19a) | | 12.0DB | release | | | | 12.0(7)DB | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.0(7)DC | | | | are | | | | vulnerable, | 12.4(19a) | | 12.0DC | release | | | | 12.0(7)DC | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.0S | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SL | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SP | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0ST | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0SZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.0T | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.0W | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0WC | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.0WT | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XD | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Note: | | | | Releases | | | | prior to | | | | 12.0(7)XE1 | | | | are | | | 12.0XE | vulnerable, | | | | release | | | | 12.0(7)XE1 | | | | and later | | | | are not | | | | vulnerable; | | |------------+-------------+-------------| | 12.0XF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XH | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XI | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XJ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.0(7)XK2 | | | | are | | | | vulnerable, | 12.4(19a) | | 12.0XK | release | | | | 12.0(7)XK2 | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.0XL | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XM | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XN | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XQ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.0(7)XR1 | | | | are | | | | vulnerable, | 12.4(19a) | | 12.0XR | release | | | | 12.0(7)XR1 | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.0XS | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XV | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.0XW | Not | | | | Vulnerable | | |------------+-------------+-------------| | Affected | First Fixed | Recommended | | 12.1-Based | Release | Release | | Releases | | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.1 | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.1AA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1AX | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.1(22)AY1 | | | | are | | | 12.1AY | vulnerable, | 12.1(22) | | | release | EA11 | | | 12.1(22)AY1 | | | | and later | | | | are not | | | | vulnerable; | | |------------+-------------+-------------| | 12.1AZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1CX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1DA | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.1(4)DB1 | | | | are | | | | vulnerable, | 12.4(19a) | | 12.1DB | release | | | | 12.1(4)DB1 | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.1(4)DC2 | | | | are | | | | vulnerable, | 12.4(19a) | | 12.1DC | release | | | | 12.1(4)DC2 | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.1E | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.1(11)EA1 | | | | are | | | 12.1EA | vulnerable, | 12.1(22) | | | release | EA11 | | | 12.1(11)EA1 | | | | and later | | | | are not | | | | vulnerable; | | |------------+-------------+-------------| | 12.1EB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EO | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EV | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EW | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Note: | | | | Releases | | | | prior to | | | | 12.1(8a)EX | | | | are | | | 12.1EX | vulnerable, | | | | release | | | | 12.1(8a)EX | | | | and later | | | | are not | | | | vulnerable; | | |------------+-------------+-------------| | 12.1EY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1EZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1GA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1GB | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.1T | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.1XA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XB | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.1(1)XC1 | | | | are | | | | vulnerable, | 12.4(19a) | | 12.1XC | release | | | | 12.1(1)XC1 | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.1XD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XH | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XI | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XJ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XK | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XL | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XM | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XN | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XO | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XP | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XQ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XR | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XS | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XT | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XV | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XW | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1XZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YD | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Note: | | | | Releases | | | | prior to | | | | 12.1(5)YE1 | | | | are | 12.4(19a) | | 12.1YE | vulnerable, | | | | release | 12.4(19b) | | | 12.1(5)YE1 | | | | and later | | | | are not | | | | vulnerable; | | |------------+-------------+-------------| | 12.1YF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YH | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YI | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.1YJ | Not | | | | Vulnerable | | |------------+-------------+-------------| | Affected | First Fixed | Recommended | | 12.2-Based | Release | Release | | Releases | | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2 | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2B | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2BC | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2BW | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.2(8)BY | | | | are | | | | vulnerable, | 12.4(19a) | | 12.2BY | release | | | | 12.2(8)BY | 12.4(19b) | | | and later | | | | are not | | | | vulnerable; | | | | first fixed | | | | in 12.4 | | |------------+-------------+-------------| | 12.2BZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2CX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2CY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2CZ | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.2DA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2DD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2DX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EW | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EWA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2EZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2FX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2FY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2FZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2IXF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2JA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2JK | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2MB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2MC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2S | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SBC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SCA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SED | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SEG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SGA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SL | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SM | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SO | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SRA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SRB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SRC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SV | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SVA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SVC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SVD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SW | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXH | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SXI | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2SZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2T | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.2(8) | | | | TPC10d are | | | | vulnerable, | | | 12.2TPC | release | | | | 12.2(8) | | | | TPC10d and | | | | later are | | | | not | | | | vulnerable; | | |------------+-------------+-------------| | 12.2UZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XA | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XB | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XC | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2XD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XF | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XG | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2XH | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XI | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XJ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XK | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XL | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2XM | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XN | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XNA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XO | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XQ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XR | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XS | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XT | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2XU | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2XV | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2XW | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YD | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YE | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YG | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YH | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YJ | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2YK | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YL | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YM | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YN | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.2(18) | | | migrate to | SXF15; | | 12.2YO | any release | Available | | | in 12.2SY | on | | | | 08-AUG-08 | |------------+-------------+-------------| | 12.2YP | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YQ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YR | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YS | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YT | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YU | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2YV | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2YW | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2YZ | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2ZA | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2ZB | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.2ZC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2ZD | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2ZE | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2ZF | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.2ZG | first fixed | | | | in 12.4T | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.2ZH | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.2ZJ | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.2ZL | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.2ZP | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2ZU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2ZY | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.2ZYA | Not | | | | Vulnerable | | |------------+-------------+-------------| | Affected | First Fixed | Recommended | | 12.3-Based | Release | Release | | Releases | | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3 | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3B | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.3BC | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3BW | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.3EU | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JEA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JEB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JEC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JK | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JL | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.3JX | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3T | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.3TPC | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.3VA | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3XA | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XB | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3XC | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XD | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3XE | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XF | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3XG | first fixed | | | | in 12.4T | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XH | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.3XI | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | | | 12.3(14) | | | | YX12 | | | Vulnerable; | | | 12.3XJ | first fixed | 12.4(20)T; | | | in 12.3YX | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XK | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XQ | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3XR | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(19a) | | 12.3XS | first fixed | | | | in 12.4 | 12.4(19b) | |------------+-------------+-------------| | 12.3XU | Not | | | | Vulnerable | | |------------+-------------+-------------| | | | 12.3(14) | | | | YX12 | | | Vulnerable; | | | 12.3XW | first fixed | 12.4(20)T; | | | in 12.3YX | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.3XY | Not | | | | Vulnerable | | |------------+-------------+-------------| | | | 12.4(19a) | | | | | | | Vulnerable; | 12.4(19b) | | 12.3YA | first fixed | | | | in 12.4 | 12.4(20)T; | | | | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YD | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | | 12.3(14) | | | | YX12 | | | Vulnerable; | | | 12.3YF | first fixed | 12.4(20)T; | | | in 12.3YX | Available | | | | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YG | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YH | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YI | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.3YJ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YK | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Releases | | | | prior to | | | | 12.3(14) | | | | YM12 are | | | | vulnerable, | 12.3(14) | | 12.3YM | release | YM12 | | | 12.3(14) | | | | YM12 and | | | | later are | | | | not | | | | vulnerable; | | |------------+-------------+-------------| | 12.3YQ | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YS | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.3YT | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | | Vulnerable; | | | 12.3YU | first fixed | | | | in 12.4XB | | |------------+-------------+-------------| | 12.3YX | 12.3(14) | 12.3(14) | | | YX12 | YX12 | |------------+-------------+-------------| | 12.3YZ | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | Affected | First Fixed | Recommended | | 12.4-Based | Release | Release | | Releases | | | |------------+-------------+-------------| | | 12.4(18b) | | | | | | | | 12.4(19a) | 12.4(19a) | | 12.4 | | | | | 12.4(19b) | 12.4(19b) | | | | | | | 12.4(21) | | |------------+-------------+-------------| | 12.4JA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4JK | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4JMA | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4JMB | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4JMC | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4JX | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4MD | 12.4(15)MD | 12.4(15)MD | |------------+-------------+-------------| | 12.4MR | 12.4(19)MR | 12.4(19)MR | |------------+-------------+-------------| | 12.4SW | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | | 12.4(15)T6 | | | | | 12.4(20)T; | | 12.4T | 12.4(20)T; | Available | | | Available | on | | | on | 11-JUL-08 | | | 11-JUL-08 | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.4XA | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.4XB | 12.4(2)XB10 | | |------------+-------------+-------------| | 12.4XC | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | | 12.4(4) | 12.4(20)T; | | | XD11; | Available | | 12.4XD | Available | on | | | on | 11-JUL-08 | | | 31-JUL-08 | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.4XE | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.4XF | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4XG | Not | | | | Vulnerable | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.4XJ | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | |------------+-------------+-------------| | 12.4XK | Not | | | | Vulnerable | | |------------+-------------+-------------| | 12.4XL | 12.4(15)XL2 | 12.4(15)XL2 | |------------+-------------+-------------| | 12.4XM | 12.4(15)XM1 | 12.4(15)XM1 | |------------+-------------+-------------| | 12.4XN | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.4XQ | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.4XT | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.4XV | Vulnerable; | | | | contact TAC | | |------------+-------------+-------------| | 12.4XW | 12.4(11)XW8 | 12.4(11)XW6 | |------------+-------------+-------------| | 12.4XY | 12.4(15)XY3 | | |------------+-------------+-------------| | | Vulnerable; | 12.4(20)T; | | 12.4XZ | first fixed | Available | | | in 12.4T | on | | | | 11-JUL-08 | +----------------------------------------+

    Cisco Network Registrar +----------------------

    +---------------------------------------+ | Affected | | | Release | First Fixed Release | | Train | | |--------------+------------------------| | 6.1.x | Contact TAC | |--------------+------------------------| | | 6.3.1.1 patch; | | 6.3.x | available mid-July | | | 2008 | |--------------+------------------------| | 7.0.x | 7.0.1; available in | | | mid-July 2008 | +---------------------------------------+

    Cisco Network Registrar software is available for download at:

    http://www.cisco.com/pcgi-bin/Software/Tablebuild/tablebuild.pl/nr-eval

    Cisco Application and Content Networking System +----------------------------------------------

    This issue is fixed in version 5.5.11 of Cisco ACNS software. This release will be available for download from www.cisco.com in late July 2008.

    Cisco ACNS 5.5 software is available for download at:

    http://www.cisco.com/pcgi-bin/tablebuild.pl/acns55

    Workarounds

    There are no workarounds.

    Additional information about identification and mitigation of attacks against DNS is in the Cisco Applied Intelligence white paper "DNS Best Practices, Network Protections, and Attack Identification," available at http://www.cisco.com/web/about/security/intelligence/dns-bcp.html.

    Obtaining Fixed Software

    Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment.

    Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/en/US/products/prod_warranties_item09186a008088e31f.html, or as otherwise set forth at Cisco.com Downloads at http://www.cisco.com/public/sw-center/sw-usingswc.shtml.

    Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades.

    Customers with Service Contracts +-------------------------------

    Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com.

    Customers using Third Party Support Organizations +------------------------------------------------

    Customers whose Cisco products are provided or maintained through prior or existing agreements with third-party support organizations, such as Cisco Partners, authorized resellers, or service providers should contact that support organization for guidance and assistance with the appropriate course of action in regards to this advisory.

    The effectiveness of any workaround or fix is dependent on specific customer situations, such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround or fix is the most appropriate for use in the intended network before it is deployed.

    Customers without Service Contracts +----------------------------------

    Customers who purchase direct from Cisco but do not hold a Cisco service contract, and customers who purchase through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should acquire upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows.

    • +1 800 553 2447 (toll free from within North America)
    • +1 408 526 7209 (toll call from anywhere in the world)
    • e-mail: tac@cisco.com

    Customers should have their product serial number available and be prepared to give the URL of this notice as evidence of entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC.

    Refer to http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml for additional TAC contact information, including localized telephone numbers, and instructions and e-mail addresses for use in various languages.

    Exploitation and Public Announcements

    The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory. Cisco would like to thank Dan Kaminsky for notifying vendors about his findings.

    Note that vulnerability information for Cisco IOS Software is being provided in this advisory outside of the announced publication schedule for Cisco IOS Software described at http://www.cisco.com/go/psirt due to industry-wide disclosure of the vulnerability.

    Status of this Notice: FINAL

    THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.

    A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.

    Distribution

    This advisory is posted on Cisco's worldwide website at

    http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml

    In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients.

    • cust-security-announce@cisco.com
    • first-teams@first.org
    • bugtraq@securityfocus.com
    • vulnwatch@vulnwatch.org
    • cisco@spot.colorado.edu
    • cisco-nsp@puck.nether.net
    • full-disclosure@lists.grok.org.uk
    • comp.dcom.sys.cisco@newsgate.cisco.com

    Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates.

    Revision History

    +-----------------------------------------------------------+ | Revision 1.0 | 2008-July-08 | Initial public release | +-----------------------------------------------------------+

    Cisco Security Procedures

    Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt.

    +-------------------------------------------------------------------- Copyright 2007-2008 Cisco Systems, Inc. All rights reserved. +--------------------------------------------------------------------

    Updated: Jul 08, 2008 Document ID: 107064

    +--------------------------------------------------------------------

    -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)

    iEYEARECAAYFAkhztUIACgkQ86n/Gc8U/uCAgACfVRRoJO4w4defnpwbNlfgBm4t 2SMAnjKCKECHtsjN9umqqPrPd2DW4IcC =XGZw -----END PGP SIGNATURE----- . This could be used to misdirect users and services; i.e.

    This update provides the latest stable BIND releases for all platforms except Corporate Server/Desktop 3.0 and MNF2, which have been patched to correct the issue.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447


    Updated Packages:

    Mandriva Linux 2007.1: 73cc24fc9586b7ab290d755012c16a79 2007.1/i586/bind-9.4.2-0.1mdv2007.1.i586.rpm 70867c50cfd64b4406aa002d627d740b 2007.1/i586/bind-devel-9.4.2-0.1mdv2007.1.i586.rpm 3603e9d9115466753397a1f472011703 2007.1/i586/bind-utils-9.4.2-0.1mdv2007.1.i586.rpm cf5e4100ecb21a4eb603831e5a6ec23d 2007.1/SRPMS/bind-9.4.2-0.1mdv2007.1.src.rpm

    Mandriva Linux 2007.1/X86_64: 4eb7ce0984d3ce3befff667392e3bf3e 2007.1/x86_64/bind-9.4.2-0.1mdv2007.1.x86_64.rpm d7b9a9e7d4c52a5b0c54f59ca20bf2d5 2007.1/x86_64/bind-devel-9.4.2-0.1mdv2007.1.x86_64.rpm c5c66c9609615029d2f07f7b09a63118 2007.1/x86_64/bind-utils-9.4.2-0.1mdv2007.1.x86_64.rpm cf5e4100ecb21a4eb603831e5a6ec23d 2007.1/SRPMS/bind-9.4.2-0.1mdv2007.1.src.rpm

    Mandriva Linux 2008.0: 52dfe3970fcd9495b2bb9379a9312b25 2008.0/i586/bind-9.4.2-1mdv2008.0.i586.rpm 97d20d35b6814aa2f9fab549ca6237c0 2008.0/i586/bind-devel-9.4.2-1mdv2008.0.i586.rpm 87a7bb3dd25abd8cd882a8f2fdc2398e 2008.0/i586/bind-utils-9.4.2-1mdv2008.0.i586.rpm da4444a8074e6ede39dfa557fb258db7 2008.0/SRPMS/bind-9.4.2-1mdv2008.0.src.rpm

    Mandriva Linux 2008.0/X86_64: b9d0337363bc1e2b14505f25d4ee5f99 2008.0/x86_64/bind-9.4.2-1mdv2008.0.x86_64.rpm 9b75e2a96784c00c2912bc3bf333d089 2008.0/x86_64/bind-devel-9.4.2-1mdv2008.0.x86_64.rpm 0a593b090d9e6bda3666e234056e19ba 2008.0/x86_64/bind-utils-9.4.2-1mdv2008.0.x86_64.rpm da4444a8074e6ede39dfa557fb258db7 2008.0/SRPMS/bind-9.4.2-1mdv2008.0.src.rpm

    Mandriva Linux 2008.1: 2534ef007262d4ea2d219bab0190466c 2008.1/i586/bind-9.5.0-3mdv2008.1.i586.rpm c3feee5d05aa3aee14cd70a2d295d0b1 2008.1/i586/bind-devel-9.5.0-3mdv2008.1.i586.rpm f306c06665b723a2530258e6d1dbdae2 2008.1/i586/bind-doc-9.5.0-3mdv2008.1.i586.rpm 967ef80628f92160930bc3a3827a216e 2008.1/i586/bind-utils-9.5.0-3mdv2008.1.i586.rpm 70fc7a7964944a2926979710c5148ed1 2008.1/SRPMS/bind-9.5.0-3mdv2008.1.src.rpm

    Mandriva Linux 2008.1/X86_64: 3f4d96d7a7f913c141e1f63cdc7e7336 2008.1/x86_64/bind-9.5.0-3mdv2008.1.x86_64.rpm 420db658366763686198f41394aa72b3 2008.1/x86_64/bind-devel-9.5.0-3mdv2008.1.x86_64.rpm 6f3674f68311494c5a9ff0dbce831e82 2008.1/x86_64/bind-doc-9.5.0-3mdv2008.1.x86_64.rpm 4294b3a086b89bf53c5c967c17962447 2008.1/x86_64/bind-utils-9.5.0-3mdv2008.1.x86_64.rpm 70fc7a7964944a2926979710c5148ed1 2008.1/SRPMS/bind-9.5.0-3mdv2008.1.src.rpm

    Corporate 3.0: de2a4372d1c25d73f343c9fcb044c9dd corporate/3.0/i586/bind-9.2.3-6.5.C30mdk.i586.rpm 1f24f6dbdb6c02e21cbbef99555049cb corporate/3.0/i586/bind-devel-9.2.3-6.5.C30mdk.i586.rpm 00405b98290d5a41f226081baa57e18d corporate/3.0/i586/bind-utils-9.2.3-6.5.C30mdk.i586.rpm 6a237dc290f4f7c463b1996e6a4a4515 corporate/3.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm

    Corporate 3.0/X86_64: 628162f3d6a414828d2231fefc46842b corporate/3.0/x86_64/bind-9.2.3-6.5.C30mdk.x86_64.rpm dd29ff31a9cffcc1b20fd045869d7013 corporate/3.0/x86_64/bind-devel-9.2.3-6.5.C30mdk.x86_64.rpm c475c1a4d048e04da1fc27dcbb17c3f3 corporate/3.0/x86_64/bind-utils-9.2.3-6.5.C30mdk.x86_64.rpm 6a237dc290f4f7c463b1996e6a4a4515 corporate/3.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm

    Corporate 4.0: 271ead204904be302d197cd542f5ae23 corporate/4.0/i586/bind-9.3.5-0.4.20060mlcs4.i586.rpm 42413dcc1cf053e735216f767eff4e5d corporate/4.0/i586/bind-devel-9.3.5-0.4.20060mlcs4.i586.rpm 0201afe493a41e1deedc9bf7e9725f4a corporate/4.0/i586/bind-utils-9.3.5-0.4.20060mlcs4.i586.rpm 86bc0cdc9ed1b959b6f56e0660268f2e corporate/4.0/SRPMS/bind-9.3.5-0.4.20060mlcs4.src.rpm

    Corporate 4.0/X86_64: b1a18a7d0578dab7bd825eda6c682b3d corporate/4.0/x86_64/bind-9.3.5-0.4.20060mlcs4.x86_64.rpm 6a2ebd550feb9147058de05b1a1ef04d corporate/4.0/x86_64/bind-devel-9.3.5-0.4.20060mlcs4.x86_64.rpm 670a1b934ce4974b8505018ab69ade0b corporate/4.0/x86_64/bind-utils-9.3.5-0.4.20060mlcs4.x86_64.rpm 86bc0cdc9ed1b959b6f56e0660268f2e corporate/4.0/SRPMS/bind-9.3.5-0.4.20060mlcs4.src.rpm

    Multi Network Firewall 2.0: 5b694c24cc2092e38f531dbfdd5c9d41 mnf/2.0/i586/bind-9.2.3-6.5.C30mdk.i586.rpm c08bc805027059c47bed32215f17eacb mnf/2.0/i586/bind-utils-9.2.3-6.5.C30mdk.i586.rpm 39225289516498e1b071c5059306f2b9 mnf/2.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200901-03


                                            http://security.gentoo.org/
    

    Severity: Normal Title: pdnsd: Denial of Service and cache poisoning Date: January 11, 2009 Bugs: #231285 ID: 200901-03


    Synopsis

    Two errors in pdnsd allow for Denial of Service and cache poisoning.

    Affected packages

    -------------------------------------------------------------------
     Package        /  Vulnerable  /                        Unaffected
    -------------------------------------------------------------------
    

    1 net-dns/pdnsd < 1.2.7 >= 1.2.7

    Description

    Two issues have been reported in pdnsd:

    • The p_exec_query() function in src/dns_query.c does not properly handle many entries in the answer section of a DNS reply, related to a "dangling pointer bug" (CVE-2008-4194). The first issue can be exploited by enticing pdnsd to send a query to a malicious DNS server, or using the port randomization weakness, and might lead to a Denial of Service.

    Workaround

    Port randomization can be enabled by setting the "query_port_start" option to 1024 which would resolve the CVE-2008-1447 issue.

    Resolution

    All pdnsd users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-dns/pdnsd-1.2.7"
    

    References

    [ 1 ] CVE-2008-1447 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 [ 2 ] CVE-2008-4194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4194

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-200901-03.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

    License

    Copyright 2009 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5 . Among other things, successful attacks can lead to misdirected web traffic and email rerouting.

    This update changes Debian's dnsmasq packages to implement the recommended countermeasure: UDP query source port randomization. This change increases the size of the space from which an attacker has to guess values in a backwards-compatible fashion and makes successful attacks significantly more difficult.

    This update also switches the random number generator to Dan Bernstein's SURF.

    For the stable distribution (etch), this problem has been fixed in version 2.35-1+etch4. Packages for alpha will be provided later.

    For the unstable distribution (sid), this problem has been fixed in version 2.43-1.

    We recommend that you upgrade your dnsmasq package.

    Upgrade instructions


    wget url will fetch the file for you dpkg -i file.deb will install the referenced file.

    If you are using the apt-get package manager, use the line for sources.list as given below:

    apt-get update will update the internal database apt-get upgrade will install corrected packages

    You may use an automated update by adding the resources from the footer to the proper configuration.

    Debian GNU/Linux 4.0 alias etch


    Stable updates are available for amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

    Source archives:

    http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4.dsc Size/MD5 checksum: 596 3834461c89e55467b4b65ed4ac209e81 http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35.orig.tar.gz Size/MD5 checksum: 252901 ad1fafeaf3442685cfe16613e0f8b777 http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4.diff.gz Size/MD5 checksum: 19202 4ced7768f49198bd43bbbd24f2a3d3e4

    amd64 architecture (AMD x86_64 (AMD64))

    http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_amd64.deb Size/MD5 checksum: 188278 8fb55f694db9fdfccaa86d134e937777

    arm architecture (ARM)

    http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_arm.deb Size/MD5 checksum: 181746 4caf23f31de937b817e12ade7d132eac

    hppa architecture (HP PA RISC)

    http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_hppa.deb Size/MD5 checksum: 190490 66730e785683655b058d11aa70346be4

    i386 architecture (Intel ia32)

    http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_i386.deb Size/MD5 checksum: 184546 1fbdd71e81a1e05d68b0f88eaeb00b10

    ia64 architecture (Intel ia64)

    http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_ia64.deb Size/MD5 checksum: 223758 011f283b71ef0f9e07d5a9dce25db505

    mips architecture (MIPS (Big Endian))

    http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_mips.deb Size/MD5 checksum: 189846 5c67cca2eaedc1dff80c5fd05aa1d33f

    mipsel architecture (MIPS (Little Endian))

    http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_mipsel.deb Size/MD5 checksum: 191824 dfd87d69a7751f1e6ef2d0f1ede052ff

    powerpc architecture (PowerPC)

    http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_powerpc.deb Size/MD5 checksum: 186890 93701abcca5421beddab015a7f35af99

    s390 architecture (IBM S/390)

    http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_s390.deb Size/MD5 checksum: 186396 6f19f6c8d803c3d57e01e73fe1e11886

    sparc architecture (Sun SPARC/UltraSPARC)

    http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_sparc.deb Size/MD5 checksum: 182910 f360078c14f715e90e60124b4ede2be9

    These files will probably be moved into the stable distribution on its next update. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    SUPPORT COMMUNICATION - SECURITY BULLETIN

    Document ID: c01506861 Version: 3

    HPSBUX02351 SSRT080058 rev.3 - HP-UX Running BIND, Remote DNS Cache Poisoning

    NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

    Release Date: 2008-07-16 Last Updated: 2008-08-06

    Potential Security Impact: Remote DNS cache poisoning

    Source: Hewlett-Packard Company, HP Software Security Response Team

    VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP-UX running BIND. HP-UX B.11.11, B.11.23, B.11.31 running BIND v9.3.2 or BIND v9.2.0, HP-UX B.11.11 running BIND v8.1.2

    BACKGROUND

    CVSS 2.0 Base Metrics

    Reference Base Vector Base Score CVE-2008-1447 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 =============================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.

    RESOLUTION

    HP has provided the following software updates / patch to resolve the vulnerabilities for BIND v9.2.0 and BIND v9.3.2.

    Customers running BIND v8.1.2 on HP-UX B.11.11 should upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates listed below.

    The BIND v9.2.0 update is available for download from: ftp://ss080058:ss080058@hprc.external.hp.com

    The patch PHNE_37865 is available from: http://itrc.hp.com

    The BIND v9.3.2 updates are available for download from: http://software.hp.com

    HP-UX Release - B.11.11 running v8.1.2 Action - Upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates listed below

    HP-UX Release - B.11.11 running v9.2.0 BIND Depot name - BIND920v11.depot MD5 Sum - F6999280DE19645EF86FF52083AACD72

    HP-UX Release - B.11.23 running v9.2.0 Action - Install PHNE_37865

    HP-UX Release - B.11.11 running v9.3.2 Action - Install revision C.9.3.2.3.0 or subsequent

    HP-UX Release - B.11.23 running v9.3.2 Action - Install revision C.9.3.2.3.0 or subsequent

    HP-UX Release - B.11.31 running v9.3.2 Action - Install revision C.9.3.2.3.0 or subsequent

    Note: HP is aware of performance issues with these updates / patch. All customers should test the updates / patch in their environment. HP is investigating changes to reduce the performance issues. This bulletin will be revised when new updates / patch become available.

    MANUAL ACTIONS: Yes - NonUpdate For B.11.11 running v8.1.2, upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates For B.11.11 running v9.2.0 install BIND920v11.depot

    PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa

    AFFECTED VERSIONS

    For BIND v8.1.2 HP-UX B.11.11 ============= InternetSrvcs.INETSVCS-RUN action: upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates

    For BIND v9.3.2 HP-UX B.11.11 ============= BindUpgrade.BIND-UPGRADE action: install revision C.9.3.2.3.0 or subsequent URL: http://software.hp.com

    HP-UX B.11.23

    BindUpgrade.BIND-UPGRADE BindUpgrade.BIND2-UPGRADE action: install revision C.9.3.2.3.0 or subsequent URL: http://software.hp.com

    HP-UX B.11.31

    NameService.BIND-AUX NameService.BIND-RUN action: install revision C.9.3.2.3.0 or subsequent URL: http://software.hp.com

    For BIND v9.2.0 HP-UX B.11.11 ============= BINDv920.INETSVCS-BIND action: install revision B.11.11.01.011 or subsequent URL: ftp://ss080058:ss080058@hprc.external.hp.com

    HP-UX B.11.23

    InternetSrvcs.INETSVCS-INETD InternetSrvcs.INETSVCS-RUN InternetSrvcs.INETSVCS2-RUN action: install patch PHNE_37865 or subsequent URL: http://itrc.hp.com

    END AFFECTED VERSIONS

    HISTORY Version:1 (rev.1) - 16 July 2008 Initial release Version:2 (rev.2) - 19 July 2008 Added BIND v9.2.0 depot information Version:3 (rev.3) - 06 August 2008 Updated patch location, revised BIND v9.2.0 depot information, added BIND v8.1.2

    Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

    Support: For further information, contact normal HP Services support channel.

    Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key

    Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.

    To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.

    To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do

    • The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:

    GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault

    System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

    "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin.

    Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. =========================================================== Ubuntu Security Notice USN-622-1 July 08, 2008 bind9 vulnerability CVE-2008-1447 ===========================================================

    A security issue affects the following Ubuntu releases:

    Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS

    This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

    The problem can be corrected by upgrading your system to the following package versions:

    Ubuntu 6.06 LTS: libdns21 1:9.3.2-2ubuntu1.5

    Ubuntu 7.04: libdns22 1:9.3.4-2ubuntu2.3

    Ubuntu 7.10: libdns32 1:9.4.1-P1-3ubuntu2

    Ubuntu 8.04 LTS: libdns35 1:9.4.2-10ubuntu0.1

    In general, a standard system upgrade is sufficient to effect the necessary changes.

    Details follow:

    Dan Kaminsky discovered weaknesses in the DNS protocol as implemented by Bind.

    Description

    == Several vulnerabilities in safe level ==

    Multiple errors in the implementation of safe level restrictions can be exploited to call "untrace_var()", perform syslog operations, and modify "$PROGRAM_NAME" at safe level 4, or call insecure methods at safe levels 1 through 3.

    (These vulnerabilities were reported by Keita Yamaguchi.)

    == DoS vulnerability in WEBrick ==

    An error exists in the usage of regular expressions in "WEBrick::HTTPUtils.split_header_value()". This can be exploited to consume large amounts of CPU via a specially crafted HTTP request.

    (This vulnerability was reported by Christian Neukirchen.)

    == Lack of taintness check in dl ==

    An error in "DL" can be exploited to bypass security restrictions and call potentially dangerous functions.

    (This vulnerability was reported by Tanaka Akira.)

    Affected packages:

    Pardus 2008: ruby, all before 1.8.7_p72-16-4 ruby-mode, all before 1.8.7_p72-16-4

    Pardus 2007: ruby, all before 1.8.7_p72-16-13 ruby-mode, all before 1.8.7_p72-16-4

    Resolution

    There are update(s) for ruby, ruby-mode. You can update them via Package Manager or with a single command from console:

    Pardus 2008: pisi up ruby ruby-mode

    Pardus 2007: pisi up ruby ruby-mode

    References

    • http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby
    • http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
    • http://secunia.com/advisories/31430/

    -- Pınar Yanardağ http://pinguar.org


    Full-Disclosure - We believe in it. There are two ways to deal with this situation:

    1. The documentation included with BIND 9 contains a migration guide. Configure the BIND 8 resolver to forward queries to a BIND 9 resolver. Provided that the network between both resolvers is trusted, this protects the BIND 8 resolver from cache poisoning attacks (to the same degree that the BIND 9 resolver is protected). It is theoretically possible to safely use BIND 8 in this way, but updating to BIND 9 is strongly recommended. BIND 8 (that is, the bind package) will be removed from the etch distribution in a future point release. Scott Kitterman noted that python-dns is vulnerable to this predictability, as it randomizes neither its transaction ID nor its source port. Taken together, this lack of entropy leaves applications using python-dns to perform DNS queries highly susceptible to response forgery.

    Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure.

    The Full Featured Secunia Network Software Inspector (NSI) is now available: http://secunia.com/network_software_inspector/

    The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications.


    TITLE: Red Hat update for bind

    SECUNIA ADVISORY ID: SA26195

    VERIFY ADVISORY: http://secunia.com/advisories/26195/

    CRITICAL: Moderately critical

    IMPACT: Spoofing

    WHERE:

    From remote

    OPERATING SYSTEM: Red Hat Enterprise Linux (v. 5 server) http://secunia.com/product/13652/ Red Hat Enterprise Linux Desktop (v. 5 client) http://secunia.com/product/13653/ Red Hat Enterprise Linux Desktop Workstation (v. 5 client) http://secunia.com/product/13651/ RedHat Enterprise Linux AS 2.1 http://secunia.com/product/48/ RedHat Enterprise Linux AS 3 http://secunia.com/product/2534/ RedHat Enterprise Linux AS 4 http://secunia.com/product/4669/ RedHat Enterprise Linux ES 2.1 http://secunia.com/product/1306/ RedHat Enterprise Linux ES 3 http://secunia.com/product/2535/ RedHat Enterprise Linux ES 4 http://secunia.com/product/4668/ RedHat Enterprise Linux WS 3 http://secunia.com/product/2536/ RedHat Enterprise Linux WS 2.1 http://secunia.com/product/1044/ RedHat Enterprise Linux WS 4 http://secunia.com/product/4670/ RedHat Linux Advanced Workstation 2.1 for Itanium http://secunia.com/product/1326/

    DESCRIPTION: Red Hat has issued an update for bind.

    For more information: SA26152

    SOLUTION: Updated packages are available from Red Hat Network. http://rhn.redhat.com

    ORIGINAL ADVISORY: http://rhn.redhat.com/errata/RHSA-2007-0740.html

    OTHER REFERENCES: SA26152: http://secunia.com/advisories/26152/


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Security Advisory (08-AUG-2008) (CVE-2008-3280) ===============================================

    Ben Laurie of Google's Applied Security team, while working with an external researcher, Dr. Richard Clayton of the Computer Laboratory, Cambridge University, found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys, as a result of the Debian Predictable Random Number Generator (CVE-2008-0166).

    In combination with the DNS Cache Poisoning issue (CVE-2008-1447) and the fact that almost all SSL/TLS implementations do not consult CRLs (currently an untracked issue), this means that it is impossible to rely on these OPs.

    Attack Description

    In order to mount an attack against a vulnerable OP, the attacker first finds the private key corresponding to the weak TLS certificate. He then sets up a website masquerading as the original OP, both for the OpenID protocol and also for HTTP/HTTPS.

    There are two cases, one is where the victim is a user trying to identify themselves, in which case, even if they use HTTPS to "ensure" that the site they are visiting is indeed their provider, they will be unable to detect the substitution and will give their login credentials to the attacker.

    The second case is where the victim is the Relying Party (RP). In this case, even if the RP uses TLS to connect to the OP, as is recommended for higher assurance, he will not be defended, as the vast majority of OpenID implementations do not check CRLs, and will, therefore, accept the malicious site as the true OP.

    Mitigation

    Mitigation is surprisingly hard. In theory the vulnerable site should revoke their weak certificate and issue a new one.

    However, since the CRLs will almost certainly not be checked, this means the site will still be vulnerable to attack for the lifetime of the certificate (and perhaps beyond, depending on user behaviour). Note that shutting down the site DOES NOT prevent the attack.

    Therefore mitigation falls to other parties.

    1. Browsers must check CRLs by default.

    2. OpenID libraries must check CRLs.

    3. Until either 1 and 2 or 3 have been done, OpenID cannot be trusted for any OP that cannot demonstrate it has never had a weak certificate.

    Discussion

    Normally, when security problems are encountered with a single piece of software, the responsible thing to do is to is to wait until fixes are available before making any announcement. However, as a number of examples in the past have demonstrated, this approach does not work particularly well when many different pieces of software are involved because it is necessary to coordinate a simultaneous release of the fixes, whilst hoping that the very large number of people involved will cooperate in keeping the vulnerability secret.

    In the present situation, the fixes will involve considerable development work in adding CRL handling to a great many pieces of openID code. This is a far from trivial amount of work.

    The fixes will also involve changes to browser preferences to ensure that CRLs are checked by default -- which many vendors have resisted for years. We are extremely pessimistic that a security vulnerability in OpenID will be seen as sufficiently important to change the browser vendors minds.

    Hence, we see no value in delaying this announcement; and by making the details public as soon as possible, we believe that individuals who rely on OpenID will be better able to take their own individual steps to avoid relying upon the flawed certificates we have identified.

    OpenID is at heart quite a weak protocol, when used in its most general form[1], and consequently there is very limited reliance upon its security. This means that the consequences of the combination of attacks that are now possible is nothing like as serious as might otherwise have been the case.

    However, it does give an insight into the type of security disaster that may occur in the future if we do not start to take CRLs seriously, but merely stick them onto "to-do" lists or disable them in the name of tiny performance improvements.

    Affected Sites

    There is no central registry of OpenID systems, and so we cannot be sure that we have identified all of the weak certificates that are currently being served. The list of those we have found so far is:

    openid.sun.com www.xopenid.net openid.net.nz

    Notes

    [1] There are ways of using OpenID that are significantly more secure than the commonly deployed scheme, I shall describe those in a separate article.


    Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "fujitsu",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "internet consortium",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "openwall gnu linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "red hat",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "suse linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "sun microsystems",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "isc",
            "version": "8"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "isc",
            "version": "4"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "isc",
            "version": "9.2.9"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "alcatel lucent",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apple computer",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "blue coat",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "bluecat",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "f5",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "force10",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "funkwerk",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "infoblox",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mandriva",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nec",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nixu",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nominum",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nortel",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "novell",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openbsd",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "qnx",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "secure computing network security division",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "slackware linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "wind river",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "yamaha",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "dnsmasq",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#800113"
          },
          {
            "db": "CERT/CC",
            "id": "VU#252735"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1447"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Debian",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "68691"
          },
          {
            "db": "PACKETSTORM",
            "id": "68037"
          },
          {
            "db": "PACKETSTORM",
            "id": "68546"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2008-1447",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2008-1447",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "VHN-31572",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.2,
                "id": "CVE-2008-1447",
                "impactScore": 4.0,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
                "version": "3.1"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2008-1447",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#800113",
                "trust": 0.8,
                "value": "27.54"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#252735",
                "trust": 0.8,
                "value": "3.83"
              },
              {
                "author": "VULHUB",
                "id": "VHN-31572",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#800113"
          },
          {
            "db": "CERT/CC",
            "id": "VU#252735"
          },
          {
            "db": "VULHUB",
            "id": "VHN-31572"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1447"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka \"DNS Insufficient Socket Entropy Vulnerability\" or \"the Kaminsky bug.\". Deficiencies in the DNS protocol and common DNS implementations facilitate DNS cache poisoning attacks. ISC (Internet Systems Consortiuim) BIND generates cryptographically weak DNS query IDs which could allow a remote attacker to poison DNS caches. In IP NAT filtering in Sun Solaris 10 and OpenSolaris series products, when a DNS server runs NAT, it incorrectly changes the original address of the data packet. When the destination address is a DNS port, it will allow remote attackers to bypass CVE-2008 -1447 security protection. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nCisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache\nPoisoning Attacks\n\nAdvisory ID: cisco-sa-20080708-dns\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml\n\nRevision 1.0\n\nFor Public Release 2008 July 08 1800 UTC (GMT)\n\nSummary\n=======\n\nMultiple Cisco products are vulnerable to DNS cache poisoning attacks\ndue to their use of insufficiently randomized DNS transaction IDs and\nUDP source ports in the DNS queries that they produce, which may allow\nan attacker to more easily forge DNS answers that can poison DNS caches. \n\nTo exploit this vulnerability an attacker must be able to cause a\nvulnerable DNS server to perform recursive DNS queries. Therefore, DNS\nservers that are only authoritative, or servers where recursion is not\nallowed, are not affected. \n\nCisco has released free software updates that address this vulnerability. \n\nThis advisory is posted at\nhttp://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml. \n\nThis security advisory is being published simultaneously with\nannouncements from other affected organizations. \nProducts that process DNS messages with the RD flag set will attempt to\nanswer the question asked on behalf of the client. A product is only\naffected if using a vulnerable implementation of the DNS protocol, the\nDNS server functionality for the product is enabled, and the DNS feature\nfor the product is configured to process recursive DNS query messages. \n\nVulnerable Products\n+------------------\n\nThe following Cisco products are capable of acting as DNS servers and\nhave been found to have the DNS implementation weakness that makes some\ntypes of DNS cache poisoning attacks more likely to succeed:\n\n  * Cisco IOS Software\n\n    A device that is running Cisco IOS Software will be affected if it\n    is running a vulnerable version and if it is acting as a DNS server. \n\n    All Cisco IOS Software releases that support the DNS server\n    functionality and that have not had their DNS implementation\n    improved are affected. For information about specific fixed\n    versions, please refer to the Software Versions and Fixes section. \n\n    A device that is running Cisco IOS Software is configured to act\n    as a DNS server if the command \"ip dns server\" is present in the\n    configuration. This command is not enabled by default. \n\n  * Cisco Network Registrar\n\n    All Cisco Network Registrar versions are affected, and DNS services\n    are enabled by default. \n\n    The DNS server on CNR is enabled via the command-line interface\n    (CLI) commands \"server dns enable start-on-reboot\" or \"dns enable\n    start-on-reboot\" or via the web management interface in the Servers\n    page by selecting the appropriate \"Start,\" \"Stop,\" or \"Reload\"\n    button. \n\n  * Cisco Application and Content Networking System\n\n    All Cisco Application and Content Networking System (ACNS) versions\n    are affected; DNS services are disabled by default. \n\n    ACNS is configured to act as a DNS server if the command\n    \"dns enable\" is present in the configuration. \n\n  * Cisco Global Site Selector Used in Combination with Cisco Network\n    Registrar\n\n    The Cisco Global Site Selector (GSS) is affected when it is used in\n    combination with Cisco Network Registrar software to provide a more\n    complete DNS solution. Fixed software would come in the form of an\n    update of the Cisco Network Registrar software rather than an update\n    of the GSS software. \n\nProducts Confirmed Not Vulnerable\n+--------------------------------\n\nProducts that do not offer DNS server capabilities are not affected by\nthis vulnerability. \n\nThe Cisco GSS by itself is not affected by this vulnerability. However,\nit is affected when it is used with Cisco Network Registrar software. \n\nNo other Cisco products are currently known to be affected by these\nvulnerabilities. \n\nDetails\n=======\n\nThe Domain Name System is an integral part of networks that are based\non TCP/IP such as the Internet. Simply stated, the Domain Name System\nis a hierarchical database that contains mappings of hostnames and IP\naddresses. When handling\na query from a DNS client, a DNS server can look into its portion of the\nglobal DNS database (if the query is for a portion of the DNS database\nfor which the DNS server is authoritative), or it can relay the query\nto other DNS servers (if it is configured to do so and if the query\nis for a portion of the DNS database for which the DNS server is not\nauthoritative.)\n\nBecause of the processing time and bandwidth that is associated with\nhandling a DNS query, most DNS servers locally store responses that\nare received from other DNS servers. The area where these responses\nare stored locally is called a \"cache.\" Once a response is stored in a\ncache, the DNS server can use the locally stored response for a certain\ntime (called the \"time to live\") before having to query DNS servers\nagain to refresh the local (cached) copy of the response. For\nexample, if www.example.com is mapped to the IP address 192.168.0.1\nand this mapping is present in the cache of a DNS server, an attacker\nwho succeeds in poisoning the DNS cache of this server may be able to\nmap www.example.com to 10.0.0.1 instead. If this happens, a user who\nis trying to visit www.example.com may end up contacting the wrong web\nserver. The fundamental implementation\nweakness is that the DNS transaction ID and source port number used to\nvalidate DNS responses are not sufficiently randomized and can easily\nbe predicted, which allows an attacker to create forged responses to\nDNS queries that will match the expected values. The DNS server will\nconsider such responses to be valid. \n\nThe following Cisco products that offer DNS server functionality have\nbeen found to be susceptible to DNS cache poisoning attacks:\n\n  * Cisco IOS Software: The vulnerability documented in Cisco bug ID\n    CSCso81854. \n\n  * Cisco Network Registrar: The vulnerability documented in Cisco\n    bug ID CSCsq01298. \n\n  * Cisco Application and Content Networking System (ACNS): The\n    vulnerability documented in Cisco bug ID CSCsq21930. \n\nThis vulnerability has been assigned Common Vulnerabilities and\nExposures (CVE) ID CVE-2008-1447. \n\nVulnerability Scoring Details\n+----------------------------\n\nCisco has provided scores for the vulnerabilities in this advisory based\non the Common Vulnerability Scoring System (CVSS). The CVSS scoring in\nthis Security Advisory is done in accordance with CVSS version 2.0. \n\nCVSS is a standards-based scoring method that conveys vulnerability\nseverity and helps determine urgency and priority of response. \n\nCisco has provided a base and temporal score. Customers can then\ncompute environmental scores to assist in determining the impact of the\nvulnerability in individual networks. \n\nCisco has provided an FAQ to answer additional questions regarding CVSS\nat\n\nhttp://www.cisco.com/web/about/security/intelligence/cvss-qandas.html\n\nCisco has also provided a CVSS calculator to help compute the\nenvironmental impact for individual networks at\n\nhttp://intellishield.cisco.com/security/alertmanager/cvss\n\nCisco Bugs:\n\n* DNS cache prone to poisoning/forged answers attacks (CSCsq21930)\n\n* DNS susceptible to forged query response attacks (CSCsq01298)\n\n* Need to make DNS implementation more resilient against forged answers\n(CSCso81854)\n\nCVSS Base Score - 6.4\n    Access Vector -            Network\n    Access Complexity -        Low\n    Authentication -           None\n    Confidentiality Impact -   None\n    Integrity Impact -         Partial\n    Availability Impact -      Partial\n\nCVSS Temporal Score - 5.3\n    Exploitability -           Functional\n    Remediation Level -        Official-Fix\n    Report Confidence -        Confirmed\n\n(same score for the three Cisco bugs listed above.)\n\nImpact\n======\n\nSuccessful exploitation of the vulnerability described in this document\nmay result in invalid hostname-to-IP address mappings in the cache of an\naffected DNS server. This may lead users of this DNS server to contact\nthe wrong provider of network services. The ultimate impact varies\ngreatly, ranging from a simple denial of service (for example, making\nwww.example.com resolve to 127.0.0.1) to phishing and financial fraud. \n\nSoftware Versions and Fixes\n===========================\n\nWhen considering software upgrades, also consult\nhttp://www.cisco.com/go/psirt and any subsequent advisories to determine\nexposure and a complete upgrade solution. \n\nIn all cases, customers should exercise caution to be certain the\ndevices to be upgraded contain sufficient memory and that current\nhardware and software configurations will continue to be supported\nproperly by the new release. If the information is not clear, contact\nthe Cisco Technical Assistance Center (TAC) or your contracted\nmaintenance provider for assistance. \n\nCisco IOS Software\n+-----------------\n\nEach row of the Cisco IOS Software table (below) names a Cisco IOS\nSoftware release train. If a given release train is vulnerable, then\nthe earliest possible releases that contain the fix (along with the\nanticipated date of availability for each, if applicable) are listed in\nthe \"First Fixed Release\" column of the table. The \"Recommended Release\"\ncolumn indicates the releases which have fixes for all the published\nvulnerabilities at the time of this Advisory. A device running a release\nin the given train that is earlier than the release in a specific column\n(less than the First Fixed Release) is known to be vulnerable. Cisco\nrecommends upgrading to a release equal to or later than the release in\nthe \"Recommended Releases\" column of the table. \n\n+----------------------------------------+\n|   Major    |        Availability of    |\n|  Release   |     Repaired Releases     |\n|------------+---------------------------|\n|  Affected  | First Fixed | Recommended |\n| 12.0-Based |   Release   |   Release   |\n|  Releases  |             |             |\n|------------+-------------+-------------|\n| 12.0       | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0DA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.0(7)DB   |             |\n|            | are         |             |\n|            | vulnerable, | 12.4(19a)   |\n| 12.0DB     | release     |             |\n|            | 12.0(7)DB   | 12.4(19b)   |\n|            | and later   |             |\n|            | are not     |             |\n|            | vulnerable; |             |\n|            | first fixed |             |\n|            | in 12.4     |             |\n|------------+-------------+-------------|\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.0(7)DC   |             |\n|            | are         |             |\n|            | vulnerable, | 12.4(19a)   |\n| 12.0DC     | release     |             |\n|            | 12.0(7)DC   | 12.4(19b)   |\n|            | and later   |             |\n|            | are not     |             |\n|            | vulnerable; |             |\n|            | first fixed |             |\n|            | in 12.4     |             |\n|------------+-------------+-------------|\n| 12.0S      | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0SC     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0SL     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0SP     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0ST     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0SX     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0SY     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0SZ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.0T      | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.0W      | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0WC     | Vulnerable; |             |\n|            | contact TAC |             |\n|------------+-------------+-------------|\n| 12.0WT     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0XA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0XB     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0XC     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0XD     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Note:       |             |\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.0(7)XE1  |             |\n|            | are         |             |\n| 12.0XE     | vulnerable, |             |\n|            | release     |             |\n|            | 12.0(7)XE1  |             |\n|            | and later   |             |\n|            | are not     |             |\n|            | vulnerable; |             |\n|------------+-------------+-------------|\n| 12.0XF     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0XG     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0XH     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0XI     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0XJ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.0(7)XK2  |             |\n|            | are         |             |\n|            | vulnerable, | 12.4(19a)   |\n| 12.0XK     | release     |             |\n|            | 12.0(7)XK2  | 12.4(19b)   |\n|            | and later   |             |\n|            | are not     |             |\n|            | vulnerable; |             |\n|            | first fixed |             |\n|            | in 12.4     |             |\n|------------+-------------+-------------|\n| 12.0XL     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0XM     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0XN     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0XQ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.0(7)XR1  |             |\n|            | are         |             |\n|            | vulnerable, | 12.4(19a)   |\n| 12.0XR     | release     |             |\n|            | 12.0(7)XR1  | 12.4(19b)   |\n|            | and later   |             |\n|            | are not     |             |\n|            | vulnerable; |             |\n|            | first fixed |             |\n|            | in 12.4     |             |\n|------------+-------------+-------------|\n| 12.0XS     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0XV     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.0XW     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|  Affected  | First Fixed | Recommended |\n| 12.1-Based |   Release   |   Release   |\n|  Releases  |             |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.1       | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.1AA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1AX     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.1(22)AY1 |             |\n|            | are         |             |\n| 12.1AY     | vulnerable, | 12.1(22)    |\n|            | release     | EA11        |\n|            | 12.1(22)AY1 |             |\n|            | and later   |             |\n|            | are not     |             |\n|            | vulnerable; |             |\n|------------+-------------+-------------|\n| 12.1AZ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1CX     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1DA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.1(4)DB1  |             |\n|            | are         |             |\n|            | vulnerable, | 12.4(19a)   |\n| 12.1DB     | release     |             |\n|            | 12.1(4)DB1  | 12.4(19b)   |\n|            | and later   |             |\n|            | are not     |             |\n|            | vulnerable; |             |\n|            | first fixed |             |\n|            | in 12.4     |             |\n|------------+-------------+-------------|\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.1(4)DC2  |             |\n|            | are         |             |\n|            | vulnerable, | 12.4(19a)   |\n| 12.1DC     | release     |             |\n|            | 12.1(4)DC2  | 12.4(19b)   |\n|            | and later   |             |\n|            | are not     |             |\n|            | vulnerable; |             |\n|            | first fixed |             |\n|            | in 12.4     |             |\n|------------+-------------+-------------|\n| 12.1E      | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.1(11)EA1 |             |\n|            | are         |             |\n| 12.1EA     | vulnerable, | 12.1(22)    |\n|            | release     | EA11        |\n|            | 12.1(11)EA1 |             |\n|            | and later   |             |\n|            | are not     |             |\n|            | vulnerable; |             |\n|------------+-------------+-------------|\n| 12.1EB     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1EC     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1EO     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1EU     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1EV     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1EW     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Note:       |             |\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.1(8a)EX  |             |\n|            | are         |             |\n| 12.1EX     | vulnerable, |             |\n|            | release     |             |\n|            | 12.1(8a)EX  |             |\n|            | and later   |             |\n|            | are not     |             |\n|            | vulnerable; |             |\n|------------+-------------+-------------|\n| 12.1EY     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1EZ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1GA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1GB     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.1T      | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.1XA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XB     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.1(1)XC1  |             |\n|            | are         |             |\n|            | vulnerable, | 12.4(19a)   |\n| 12.1XC     | release     |             |\n|            | 12.1(1)XC1  | 12.4(19b)   |\n|            | and later   |             |\n|            | are not     |             |\n|            | vulnerable; |             |\n|            | first fixed |             |\n|            | in 12.4     |             |\n|------------+-------------+-------------|\n| 12.1XD     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XE     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XF     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XG     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XH     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XI     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XJ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XK     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XL     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XM     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XN     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XO     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XP     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XQ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XR     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XS     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XT     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XU     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XV     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XW     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XX     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XY     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1XZ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1YA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1YB     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1YC     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1YD     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Note:       |             |\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.1(5)YE1  |             |\n|            | are         | 12.4(19a)   |\n| 12.1YE     | vulnerable, |             |\n|            | release     | 12.4(19b)   |\n|            | 12.1(5)YE1  |             |\n|            | and later   |             |\n|            | are not     |             |\n|            | vulnerable; |             |\n|------------+-------------+-------------|\n| 12.1YF     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1YG     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1YH     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1YI     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.1YJ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|  Affected  | First Fixed | Recommended |\n| 12.2-Based |   Release   |   Release   |\n|  Releases  |             |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2       | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2B      | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.2BC     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2BW     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.2(8)BY   |             |\n|            | are         |             |\n|            | vulnerable, | 12.4(19a)   |\n| 12.2BY     | release     |             |\n|            | 12.2(8)BY   | 12.4(19b)   |\n|            | and later   |             |\n|            | are not     |             |\n|            | vulnerable; |             |\n|            | first fixed |             |\n|            | in 12.4     |             |\n|------------+-------------+-------------|\n| 12.2BZ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2CX     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2CY     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2CZ     | Vulnerable; |             |\n|            | contact TAC |             |\n|------------+-------------+-------------|\n| 12.2DA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2DD     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2DX     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2EU     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2EW     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2EWA    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2EX     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2EY     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2EZ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2FX     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2FY     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2FZ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2IXA    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2IXB    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2IXC    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2IXD    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2IXE    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2IXF    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2JA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2JK     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2MB     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2MC     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2S      | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SB     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SBC    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SCA    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SE     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SEA    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SEB    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SEC    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SED    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SEE    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SEF    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SEG    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SG     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SGA    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SL     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SM     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SO     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SRA    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SRB    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SRC    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SU     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SV     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SVA    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SVC    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SVD    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SW     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SX     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SXA    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SXB    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SXD    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SXE    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SXF    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SXH    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SXI    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SY     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2SZ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2T      | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.2(8)     |             |\n|            | TPC10d are  |             |\n|            | vulnerable, |             |\n| 12.2TPC    | release     |             |\n|            | 12.2(8)     |             |\n|            | TPC10d and  |             |\n|            | later are   |             |\n|            | not         |             |\n|            | vulnerable; |             |\n|------------+-------------+-------------|\n| 12.2UZ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2XA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2XB     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2XC     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.2XD     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2XE     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2XF     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2XG     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.2XH     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2XI     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2XJ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2XK     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2XL     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.2XM     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2XN     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2XNA    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2XO     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2XQ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2XR     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2XS     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2XT     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2XU     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.2XV     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2XW     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YB     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YC     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YD     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YE     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YF     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YG     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YH     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2YJ     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.2YK     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2YL     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2YM     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2YN     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.2(18)    |\n|            | migrate to  | SXF15;      |\n| 12.2YO     | any release | Available   |\n|            | in 12.2SY   | on          |\n|            |             | 08-AUG-08   |\n|------------+-------------+-------------|\n| 12.2YP     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YQ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YR     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YS     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2YT     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2YU     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2YV     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.2YW     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YX     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YY     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2YZ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2ZA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2ZB     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.2ZC     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2ZD     | Vulnerable; |             |\n|            | contact TAC |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2ZE     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2ZF     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            |             | 12.4(19a)   |\n|            |             |             |\n|            | Vulnerable; | 12.4(19b)   |\n| 12.2ZG     | first fixed |             |\n|            | in 12.4T    | 12.4(20)T;  |\n|            |             | Available   |\n|            |             | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            |             | 12.4(19a)   |\n|            |             |             |\n|            | Vulnerable; | 12.4(19b)   |\n| 12.2ZH     | first fixed |             |\n|            | in 12.4     | 12.4(20)T;  |\n|            |             | Available   |\n|            |             | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.2ZJ     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            |             | 12.4(19a)   |\n|            |             |             |\n|            | Vulnerable; | 12.4(19b)   |\n| 12.2ZL     | first fixed |             |\n|            | in 12.4     | 12.4(20)T;  |\n|            |             | Available   |\n|            |             | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n| 12.2ZP     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2ZU     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2ZY     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.2ZYA    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|  Affected  | First Fixed | Recommended |\n| 12.3-Based |   Release   |   Release   |\n|  Releases  |             |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.3       | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.3B      | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.3BC     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.3BW     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.3EU     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.3JA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.3JEA    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.3JEB    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.3JEC    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.3JK     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.3JL     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.3JX     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.3T      | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.3TPC    | Vulnerable; |             |\n|            | contact TAC |             |\n|------------+-------------+-------------|\n| 12.3VA     | Vulnerable; |             |\n|            | contact TAC |             |\n|------------+-------------+-------------|\n|            |             | 12.4(19a)   |\n|            |             |             |\n|            | Vulnerable; | 12.4(19b)   |\n| 12.3XA     | first fixed |             |\n|            | in 12.4     | 12.4(20)T;  |\n|            |             | Available   |\n|            |             | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.3XB     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            |             | 12.4(19a)   |\n|            |             |             |\n|            | Vulnerable; | 12.4(19b)   |\n| 12.3XC     | first fixed |             |\n|            | in 12.4     | 12.4(20)T;  |\n|            |             | Available   |\n|            |             | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.3XD     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            |             | 12.4(19a)   |\n|            |             |             |\n|            | Vulnerable; | 12.4(19b)   |\n| 12.3XE     | first fixed |             |\n|            | in 12.4     | 12.4(20)T;  |\n|            |             | Available   |\n|            |             | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.3XF     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            |             | 12.4(19a)   |\n|            |             |             |\n|            | Vulnerable; | 12.4(19b)   |\n| 12.3XG     | first fixed |             |\n|            | in 12.4T    | 12.4(20)T;  |\n|            |             | Available   |\n|            |             | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.3XH     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.3XI     | Vulnerable; |             |\n|            | contact TAC |             |\n|------------+-------------+-------------|\n|            |             | 12.3(14)    |\n|            |             | YX12        |\n|            | Vulnerable; |             |\n| 12.3XJ     | first fixed | 12.4(20)T;  |\n|            | in 12.3YX   | Available   |\n|            |             | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.3XK     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.3XQ     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n|            |             | 12.4(19a)   |\n|            |             |             |\n|            | Vulnerable; | 12.4(19b)   |\n| 12.3XR     | first fixed |             |\n|            | in 12.4     | 12.4(20)T;  |\n|            |             | Available   |\n|            |             | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(19a)   |\n| 12.3XS     | first fixed |             |\n|            | in 12.4     | 12.4(19b)   |\n|------------+-------------+-------------|\n| 12.3XU     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            |             | 12.3(14)    |\n|            |             | YX12        |\n|            | Vulnerable; |             |\n| 12.3XW     | first fixed | 12.4(20)T;  |\n|            | in 12.3YX   | Available   |\n|            |             | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n| 12.3XY     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            |             | 12.4(19a)   |\n|            |             |             |\n|            | Vulnerable; | 12.4(19b)   |\n| 12.3YA     | first fixed |             |\n|            | in 12.4     | 12.4(20)T;  |\n|            |             | Available   |\n|            |             | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(20)T;  |\n| 12.3YD     | first fixed | Available   |\n|            | in 12.4T    | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            |             | 12.3(14)    |\n|            |             | YX12        |\n|            | Vulnerable; |             |\n| 12.3YF     | first fixed | 12.4(20)T;  |\n|            | in 12.3YX   | Available   |\n|            |             | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(20)T;  |\n| 12.3YG     | first fixed | Available   |\n|            | in 12.4T    | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(20)T;  |\n| 12.3YH     | first fixed | Available   |\n|            | in 12.4T    | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(20)T;  |\n| 12.3YI     | first fixed | Available   |\n|            | in 12.4T    | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n| 12.3YJ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(20)T;  |\n| 12.3YK     | first fixed | Available   |\n|            | in 12.4T    | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Releases    |             |\n|            | prior to    |             |\n|            | 12.3(14)    |             |\n|            | YM12 are    |             |\n|            | vulnerable, | 12.3(14)    |\n| 12.3YM     | release     | YM12        |\n|            | 12.3(14)    |             |\n|            | YM12 and    |             |\n|            | later are   |             |\n|            | not         |             |\n|            | vulnerable; |             |\n|------------+-------------+-------------|\n| 12.3YQ     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(20)T;  |\n| 12.3YS     | first fixed | Available   |\n|            | in 12.4T    | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(20)T;  |\n| 12.3YT     | first fixed | Available   |\n|            | in 12.4T    | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n|            | Vulnerable; |             |\n| 12.3YU     | first fixed |             |\n|            | in 12.4XB   |             |\n|------------+-------------+-------------|\n| 12.3YX     | 12.3(14)    | 12.3(14)    |\n|            | YX12        | YX12        |\n|------------+-------------+-------------|\n| 12.3YZ     | Vulnerable; |             |\n|            | contact TAC |             |\n|------------+-------------+-------------|\n|  Affected  | First Fixed | Recommended |\n| 12.4-Based |   Release   |   Release   |\n|  Releases  |             |             |\n|------------+-------------+-------------|\n|            | 12.4(18b)   |             |\n|            |             |             |\n|            | 12.4(19a)   | 12.4(19a)   |\n| 12.4       |             |             |\n|            | 12.4(19b)   | 12.4(19b)   |\n|            |             |             |\n|            | 12.4(21)    |             |\n|------------+-------------+-------------|\n| 12.4JA     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.4JK     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.4JMA    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.4JMB    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.4JMC    | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.4JX     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.4MD     | 12.4(15)MD  | 12.4(15)MD  |\n|------------+-------------+-------------|\n| 12.4MR     | 12.4(19)MR  | 12.4(19)MR  |\n|------------+-------------+-------------|\n| 12.4SW     | Vulnerable; |             |\n|            | contact TAC |             |\n|------------+-------------+-------------|\n|            | 12.4(15)T6  |             |\n|            |             | 12.4(20)T;  |\n| 12.4T      | 12.4(20)T;  | Available   |\n|            | Available   | on          |\n|            | on          | 11-JUL-08   |\n|            | 11-JUL-08   |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(20)T;  |\n| 12.4XA     | first fixed | Available   |\n|            | in 12.4T    | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n| 12.4XB     | 12.4(2)XB10 |             |\n|------------+-------------+-------------|\n| 12.4XC     | Vulnerable; |             |\n|            | contact TAC |             |\n|------------+-------------+-------------|\n|            | 12.4(4)     | 12.4(20)T;  |\n|            | XD11;       | Available   |\n| 12.4XD     | Available   | on          |\n|            | on          | 11-JUL-08   |\n|            | 31-JUL-08   |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(20)T;  |\n| 12.4XE     | first fixed | Available   |\n|            | in 12.4T    | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n| 12.4XF     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.4XG     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(20)T;  |\n| 12.4XJ     | first fixed | Available   |\n|            | in 12.4T    | on          |\n|            |             | 11-JUL-08   |\n|------------+-------------+-------------|\n| 12.4XK     | Not         |             |\n|            | Vulnerable  |             |\n|------------+-------------+-------------|\n| 12.4XL     | 12.4(15)XL2 | 12.4(15)XL2 |\n|------------+-------------+-------------|\n| 12.4XM     | 12.4(15)XM1 | 12.4(15)XM1 |\n|------------+-------------+-------------|\n| 12.4XN     | Vulnerable; |             |\n|            | contact TAC |             |\n|------------+-------------+-------------|\n| 12.4XQ     | Vulnerable; |             |\n|            | contact TAC |             |\n|------------+-------------+-------------|\n| 12.4XT     | Vulnerable; |             |\n|            | contact TAC |             |\n|------------+-------------+-------------|\n| 12.4XV     | Vulnerable; |             |\n|            | contact TAC |             |\n|------------+-------------+-------------|\n| 12.4XW     | 12.4(11)XW8 | 12.4(11)XW6 |\n|------------+-------------+-------------|\n| 12.4XY     | 12.4(15)XY3 |             |\n|------------+-------------+-------------|\n|            | Vulnerable; | 12.4(20)T;  |\n| 12.4XZ     | first fixed | Available   |\n|            | in 12.4T    | on          |\n|            |             | 11-JUL-08   |\n+----------------------------------------+\n\nCisco Network Registrar\n+----------------------\n\n+---------------------------------------+\n|   Affected   |                        |\n|   Release    |  First Fixed Release   |\n|    Train     |                        |\n|--------------+------------------------|\n| 6.1.x        | Contact TAC            |\n|--------------+------------------------|\n|              | 6.3.1.1 patch;         |\n| 6.3.x        | available mid-July     |\n|              | 2008                   |\n|--------------+------------------------|\n| 7.0.x        | 7.0.1; available in    |\n|              | mid-July 2008          |\n+---------------------------------------+\n\nCisco Network Registrar software is available for download at:\n\nhttp://www.cisco.com/pcgi-bin/Software/Tablebuild/tablebuild.pl/nr-eval\n\nCisco Application and Content Networking System\n+----------------------------------------------\n\nThis issue is fixed in version 5.5.11 of Cisco ACNS software. This\nrelease will be available for download from www.cisco.com in late July\n2008. \n\nCisco ACNS 5.5 software is available for download at:\n\nhttp://www.cisco.com/pcgi-bin/tablebuild.pl/acns55\n\nWorkarounds\n===========\n\nThere are no workarounds. \n\nAdditional information about identification and mitigation of attacks\nagainst DNS is in the Cisco Applied Intelligence white paper \"DNS Best\nPractices, Network Protections, and Attack Identification,\" available at\nhttp://www.cisco.com/web/about/security/intelligence/dns-bcp.html. \n\nObtaining Fixed Software\n========================\n\nCisco has released free software updates that address these\nvulnerabilities. Prior to deploying software, customers should consult\ntheir maintenance provider or check the software for feature set\ncompatibility and known issues specific to their environment. \n\nCustomers may only install and expect support for the feature sets\nthey have purchased. By installing, downloading, accessing or\notherwise using such software upgrades, customers agree to be bound\nby the terms of Cisco\u0027s software license terms found at\nhttp://www.cisco.com/en/US/products/prod_warranties_item09186a008088e31f.html,\nor as otherwise set forth at Cisco.com Downloads at\nhttp://www.cisco.com/public/sw-center/sw-usingswc.shtml. \n\nDo not contact psirt@cisco.com or security-alert@cisco.com for software\nupgrades. \n\nCustomers with Service Contracts\n+-------------------------------\n\nCustomers with contracts should obtain upgraded software through their\nregular update channels. For most customers, this means that upgrades\nshould be obtained through the Software Center on Cisco\u0027s worldwide\nwebsite at http://www.cisco.com. \n\nCustomers using Third Party Support Organizations\n+------------------------------------------------\n\nCustomers whose Cisco products are provided or maintained through prior\nor existing agreements with third-party support organizations, such\nas Cisco Partners, authorized resellers, or service providers should\ncontact that support organization for guidance and assistance with the\nappropriate course of action in regards to this advisory. \n\nThe effectiveness of any workaround or fix is dependent on specific\ncustomer situations, such as product mix, network topology, traffic\nbehavior, and organizational mission. Due to the variety of affected\nproducts and releases, customers should consult with their service\nprovider or support organization to ensure any applied workaround or fix\nis the most appropriate for use in the intended network before it is\ndeployed. \n\nCustomers without Service Contracts\n+----------------------------------\n\nCustomers who purchase direct from Cisco but do not hold a Cisco service\ncontract, and customers who purchase through third-party vendors but are\nunsuccessful in obtaining fixed software through their point of sale\nshould acquire upgrades by contacting the Cisco Technical Assistance\nCenter (TAC). TAC contacts are as follows. \n\n  * +1 800 553 2447 (toll free from within North America)\n  * +1 408 526 7209 (toll call from anywhere in the world)\n  * e-mail: tac@cisco.com\n\nCustomers should have their product serial number available and be\nprepared to give the URL of this notice as evidence of entitlement to a\nfree upgrade. Free upgrades for non-contract customers must be requested\nthrough the TAC. \n\nRefer to http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml\nfor additional TAC contact information, including localized telephone\nnumbers, and instructions and e-mail addresses for use in various\nlanguages. \n\nExploitation and Public Announcements\n=====================================\n\nThe Cisco PSIRT is not aware of any public announcements or malicious\nuse of the vulnerability described in this advisory. Cisco would like to\nthank Dan Kaminsky for notifying vendors about his findings. \n\nNote that vulnerability information for Cisco IOS Software is being\nprovided in this advisory outside of the announced publication schedule\nfor Cisco IOS Software described at http://www.cisco.com/go/psirt due to\nindustry-wide disclosure of the vulnerability. \n\nStatus of this Notice: FINAL\n============================\n\nTHIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY\nANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF\nMERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE\nINFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS\nAT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS\nDOCUMENT AT ANY TIME. \n\nA stand-alone copy or Paraphrase of the text of this document that omits\nthe distribution URL in the following section is an uncontrolled copy,\nand may lack important information or contain factual errors. \n\nDistribution\n============\n\nThis advisory is posted on Cisco\u0027s worldwide website at\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml\n\nIn addition to worldwide web posting, a text version of this notice is\nclear-signed with the Cisco PSIRT PGP key and is posted to the following\ne-mail and Usenet news recipients. \n\n  * cust-security-announce@cisco.com\n  * first-teams@first.org\n  * bugtraq@securityfocus.com\n  * vulnwatch@vulnwatch.org\n  * cisco@spot.colorado.edu\n  * cisco-nsp@puck.nether.net\n  * full-disclosure@lists.grok.org.uk\n  * comp.dcom.sys.cisco@newsgate.cisco.com\n\nFuture updates of this advisory, if any, will be placed on Cisco\u0027s\nworldwide website, but may or may not be actively announced on mailing\nlists or newsgroups. Users concerned about this problem are encouraged\nto check the above URL for any updates. \n\nRevision History\n================\n\n+-----------------------------------------------------------+\n| Revision 1.0  | 2008-July-08  | Initial public release    |\n+-----------------------------------------------------------+\n\nCisco Security Procedures\n=========================\n\nComplete information on reporting security vulnerabilities in\nCisco products, obtaining assistance with security incidents, and\nregistering to receive security information from Cisco, is available\non Cisco\u0027s worldwide website at\nhttp://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. \nThis includes instructions for press inquiries regarding Cisco security\nnotices. All Cisco security advisories are available at\nhttp://www.cisco.com/go/psirt. \n\n+--------------------------------------------------------------------\nCopyright 2007-2008 Cisco Systems, Inc. All rights reserved. \n+--------------------------------------------------------------------\n\nUpdated: Jul 08, 2008                             Document ID: 107064\n\n+--------------------------------------------------------------------\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niEYEARECAAYFAkhztUIACgkQ86n/Gc8U/uCAgACfVRRoJO4w4defnpwbNlfgBm4t\n2SMAnjKCKECHtsjN9umqqPrPd2DW4IcC\n=XGZw\n-----END PGP SIGNATURE-----\n.  This could be used to misdirect users and services;\n i.e. \n \n This update provides the latest stable BIND releases for all platforms\n except Corporate Server/Desktop 3.0 and MNF2, which have been patched\n to correct the issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.1:\n 73cc24fc9586b7ab290d755012c16a79  2007.1/i586/bind-9.4.2-0.1mdv2007.1.i586.rpm\n 70867c50cfd64b4406aa002d627d740b  2007.1/i586/bind-devel-9.4.2-0.1mdv2007.1.i586.rpm\n 3603e9d9115466753397a1f472011703  2007.1/i586/bind-utils-9.4.2-0.1mdv2007.1.i586.rpm \n cf5e4100ecb21a4eb603831e5a6ec23d  2007.1/SRPMS/bind-9.4.2-0.1mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 4eb7ce0984d3ce3befff667392e3bf3e  2007.1/x86_64/bind-9.4.2-0.1mdv2007.1.x86_64.rpm\n d7b9a9e7d4c52a5b0c54f59ca20bf2d5  2007.1/x86_64/bind-devel-9.4.2-0.1mdv2007.1.x86_64.rpm\n c5c66c9609615029d2f07f7b09a63118  2007.1/x86_64/bind-utils-9.4.2-0.1mdv2007.1.x86_64.rpm \n cf5e4100ecb21a4eb603831e5a6ec23d  2007.1/SRPMS/bind-9.4.2-0.1mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n 52dfe3970fcd9495b2bb9379a9312b25  2008.0/i586/bind-9.4.2-1mdv2008.0.i586.rpm\n 97d20d35b6814aa2f9fab549ca6237c0  2008.0/i586/bind-devel-9.4.2-1mdv2008.0.i586.rpm\n 87a7bb3dd25abd8cd882a8f2fdc2398e  2008.0/i586/bind-utils-9.4.2-1mdv2008.0.i586.rpm \n da4444a8074e6ede39dfa557fb258db7  2008.0/SRPMS/bind-9.4.2-1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n b9d0337363bc1e2b14505f25d4ee5f99  2008.0/x86_64/bind-9.4.2-1mdv2008.0.x86_64.rpm\n 9b75e2a96784c00c2912bc3bf333d089  2008.0/x86_64/bind-devel-9.4.2-1mdv2008.0.x86_64.rpm\n 0a593b090d9e6bda3666e234056e19ba  2008.0/x86_64/bind-utils-9.4.2-1mdv2008.0.x86_64.rpm \n da4444a8074e6ede39dfa557fb258db7  2008.0/SRPMS/bind-9.4.2-1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.1:\n 2534ef007262d4ea2d219bab0190466c  2008.1/i586/bind-9.5.0-3mdv2008.1.i586.rpm\n c3feee5d05aa3aee14cd70a2d295d0b1  2008.1/i586/bind-devel-9.5.0-3mdv2008.1.i586.rpm\n f306c06665b723a2530258e6d1dbdae2  2008.1/i586/bind-doc-9.5.0-3mdv2008.1.i586.rpm\n 967ef80628f92160930bc3a3827a216e  2008.1/i586/bind-utils-9.5.0-3mdv2008.1.i586.rpm \n 70fc7a7964944a2926979710c5148ed1  2008.1/SRPMS/bind-9.5.0-3mdv2008.1.src.rpm\n\n Mandriva Linux 2008.1/X86_64:\n 3f4d96d7a7f913c141e1f63cdc7e7336  2008.1/x86_64/bind-9.5.0-3mdv2008.1.x86_64.rpm\n 420db658366763686198f41394aa72b3  2008.1/x86_64/bind-devel-9.5.0-3mdv2008.1.x86_64.rpm\n 6f3674f68311494c5a9ff0dbce831e82  2008.1/x86_64/bind-doc-9.5.0-3mdv2008.1.x86_64.rpm\n 4294b3a086b89bf53c5c967c17962447  2008.1/x86_64/bind-utils-9.5.0-3mdv2008.1.x86_64.rpm \n 70fc7a7964944a2926979710c5148ed1  2008.1/SRPMS/bind-9.5.0-3mdv2008.1.src.rpm\n\n Corporate 3.0:\n de2a4372d1c25d73f343c9fcb044c9dd  corporate/3.0/i586/bind-9.2.3-6.5.C30mdk.i586.rpm\n 1f24f6dbdb6c02e21cbbef99555049cb  corporate/3.0/i586/bind-devel-9.2.3-6.5.C30mdk.i586.rpm\n 00405b98290d5a41f226081baa57e18d  corporate/3.0/i586/bind-utils-9.2.3-6.5.C30mdk.i586.rpm \n 6a237dc290f4f7c463b1996e6a4a4515  corporate/3.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 628162f3d6a414828d2231fefc46842b  corporate/3.0/x86_64/bind-9.2.3-6.5.C30mdk.x86_64.rpm\n dd29ff31a9cffcc1b20fd045869d7013  corporate/3.0/x86_64/bind-devel-9.2.3-6.5.C30mdk.x86_64.rpm\n c475c1a4d048e04da1fc27dcbb17c3f3  corporate/3.0/x86_64/bind-utils-9.2.3-6.5.C30mdk.x86_64.rpm \n 6a237dc290f4f7c463b1996e6a4a4515  corporate/3.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm\n\n Corporate 4.0:\n 271ead204904be302d197cd542f5ae23  corporate/4.0/i586/bind-9.3.5-0.4.20060mlcs4.i586.rpm\n 42413dcc1cf053e735216f767eff4e5d  corporate/4.0/i586/bind-devel-9.3.5-0.4.20060mlcs4.i586.rpm\n 0201afe493a41e1deedc9bf7e9725f4a  corporate/4.0/i586/bind-utils-9.3.5-0.4.20060mlcs4.i586.rpm \n 86bc0cdc9ed1b959b6f56e0660268f2e  corporate/4.0/SRPMS/bind-9.3.5-0.4.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b1a18a7d0578dab7bd825eda6c682b3d  corporate/4.0/x86_64/bind-9.3.5-0.4.20060mlcs4.x86_64.rpm\n 6a2ebd550feb9147058de05b1a1ef04d  corporate/4.0/x86_64/bind-devel-9.3.5-0.4.20060mlcs4.x86_64.rpm\n 670a1b934ce4974b8505018ab69ade0b  corporate/4.0/x86_64/bind-utils-9.3.5-0.4.20060mlcs4.x86_64.rpm \n 86bc0cdc9ed1b959b6f56e0660268f2e  corporate/4.0/SRPMS/bind-9.3.5-0.4.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 5b694c24cc2092e38f531dbfdd5c9d41  mnf/2.0/i586/bind-9.2.3-6.5.C30mdk.i586.rpm\n c08bc805027059c47bed32215f17eacb  mnf/2.0/i586/bind-utils-9.2.3-6.5.C30mdk.i586.rpm \n 39225289516498e1b071c5059306f2b9  mnf/2.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 200901-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n  Severity: Normal\n     Title: pdnsd: Denial of Service and cache poisoning\n      Date: January 11, 2009\n      Bugs: #231285\n        ID: 200901-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nTwo errors in pdnsd allow for Denial of Service and cache poisoning. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package        /  Vulnerable  /                        Unaffected\n    -------------------------------------------------------------------\n  1  net-dns/pdnsd       \u003c 1.2.7                              \u003e= 1.2.7\n\nDescription\n===========\n\nTwo issues have been reported in pdnsd:\n\n* The p_exec_query() function in src/dns_query.c does not properly\n  handle many entries in the answer section of a DNS reply, related to\n  a \"dangling pointer bug\" (CVE-2008-4194). The first issue\ncan be exploited by enticing pdnsd to send a query to a malicious DNS\nserver, or using the port randomization weakness, and might lead to a\nDenial of Service. \n\nWorkaround\n==========\n\nPort randomization can be enabled by setting the \"query_port_start\"\noption to 1024 which would resolve the CVE-2008-1447 issue. \n\nResolution\n==========\n\nAll pdnsd users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask --oneshot --verbose \"\u003e=net-dns/pdnsd-1.2.7\"\n\nReferences\n==========\n\n  [ 1 ] CVE-2008-1447\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447\n  [ 2 ] CVE-2008-4194\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4194\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n  http://security.gentoo.org/glsa/glsa-200901-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2009 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. Among other things,\nsuccessful attacks can lead to misdirected web traffic and email\nrerouting. \n\nThis update changes Debian\u0027s dnsmasq packages to implement the\nrecommended countermeasure: UDP query source port randomization. This\nchange increases the size of the space from which an attacker has to\nguess values in a backwards-compatible fashion and makes successful\nattacks significantly more difficult. \n\nThis update also switches the random number generator to Dan\nBernstein\u0027s SURF. \n\nFor the stable distribution (etch), this problem has been fixed in\nversion 2.35-1+etch4. Packages for alpha will be provided later. \n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.43-1. \n\nWe recommend that you upgrade your dnsmasq package. \n\nUpgrade instructions\n- --------------------\n\nwget url\n        will fetch the file for you\ndpkg -i file.deb\n        will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n        will update the internal database\napt-get upgrade\n        will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nStable updates are available for amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n  http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4.dsc\n    Size/MD5 checksum:      596 3834461c89e55467b4b65ed4ac209e81\n  http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35.orig.tar.gz\n    Size/MD5 checksum:   252901 ad1fafeaf3442685cfe16613e0f8b777\n  http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4.diff.gz\n    Size/MD5 checksum:    19202 4ced7768f49198bd43bbbd24f2a3d3e4\n\namd64 architecture (AMD x86_64 (AMD64))\n\n  http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_amd64.deb\n    Size/MD5 checksum:   188278 8fb55f694db9fdfccaa86d134e937777\n\narm architecture (ARM)\n\n  http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_arm.deb\n    Size/MD5 checksum:   181746 4caf23f31de937b817e12ade7d132eac\n\nhppa architecture (HP PA RISC)\n\n  http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_hppa.deb\n    Size/MD5 checksum:   190490 66730e785683655b058d11aa70346be4\n\ni386 architecture (Intel ia32)\n\n  http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_i386.deb\n    Size/MD5 checksum:   184546 1fbdd71e81a1e05d68b0f88eaeb00b10\n\nia64 architecture (Intel ia64)\n\n  http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_ia64.deb\n    Size/MD5 checksum:   223758 011f283b71ef0f9e07d5a9dce25db505\n\nmips architecture (MIPS (Big Endian))\n\n  http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_mips.deb\n    Size/MD5 checksum:   189846 5c67cca2eaedc1dff80c5fd05aa1d33f\n\nmipsel architecture (MIPS (Little Endian))\n\n  http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_mipsel.deb\n    Size/MD5 checksum:   191824 dfd87d69a7751f1e6ef2d0f1ede052ff\n\npowerpc architecture (PowerPC)\n\n  http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_powerpc.deb\n    Size/MD5 checksum:   186890 93701abcca5421beddab015a7f35af99\n\ns390 architecture (IBM S/390)\n\n  http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_s390.deb\n    Size/MD5 checksum:   186396 6f19f6c8d803c3d57e01e73fe1e11886\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n  http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_sparc.deb\n    Size/MD5 checksum:   182910 f360078c14f715e90e60124b4ede2be9\n\n\n  These files will probably be moved into the stable distribution on\n  its next update. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01506861\nVersion: 3\n\nHPSBUX02351 SSRT080058 rev.3 - HP-UX Running BIND, Remote DNS Cache Poisoning\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2008-07-16\nLast Updated: 2008-08-06\n\nPotential Security Impact: Remote DNS cache poisoning\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with HP-UX running BIND. \nHP-UX B.11.11, B.11.23, B.11.31 running BIND v9.3.2 or BIND v9.2.0, HP-UX B.11.11 running BIND v8.1.2 \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics \n===============================================\nReference                         Base Vector               Base Score \nCVE-2008-1447      (AV:N/AC:L/Au:N/C:P/I:P/A:P)     7.5\n===============================================\nInformation on CVSS is documented in HP Customer Notice: HPSN-2008-002. \n\nRESOLUTION\n\nHP has provided the following software updates / patch to resolve the vulnerabilities for BIND v9.2.0 and BIND v9.3.2. \n\nCustomers running BIND v8.1.2 on HP-UX B.11.11 should upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates listed below. \n\nThe BIND v9.2.0 update is available for download from: ftp://ss080058:ss080058@hprc.external.hp.com \n\nThe patch PHNE_37865 is available from: http://itrc.hp.com \n\nThe BIND v9.3.2 updates are available for download from: http://software.hp.com \n\n \nHP-UX Release - B.11.11 running v8.1.2\nAction - Upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates listed below \n \nHP-UX Release - B.11.11 running v9.2.0\nBIND Depot name - BIND920v11.depot\n MD5 Sum - F6999280DE19645EF86FF52083AACD72\n \nHP-UX Release - B.11.23 running v9.2.0 \nAction - Install PHNE_37865\n\nHP-UX Release - B.11.11 running v9.3.2\nAction - Install revision C.9.3.2.3.0 or subsequent \n \nHP-UX Release - B.11.23 running v9.3.2\nAction - Install revision C.9.3.2.3.0 or subsequent\n \nHP-UX Release - B.11.31 running v9.3.2\nAction - Install revision C.9.3.2.3.0 or subsequent\n\nNote: HP is aware of performance issues with these updates / patch. All customers should test the updates / patch in their environment. HP is investigating changes to reduce the performance issues. This bulletin will be revised when new updates / patch become available. \n\nMANUAL ACTIONS: Yes - NonUpdate \nFor B.11.11 running v8.1.2, upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates \nFor B.11.11 running v9.2.0 install BIND920v11.depot \n\nPRODUCT SPECIFIC INFORMATION \nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa \n\nAFFECTED VERSIONS \n\nFor BIND v8.1.2 \nHP-UX B.11.11 \n============= \nInternetSrvcs.INETSVCS-RUN \naction: upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates \n\nFor BIND v9.3.2 \nHP-UX B.11.11 \n============= \nBindUpgrade.BIND-UPGRADE \naction: install revision C.9.3.2.3.0 or subsequent \nURL: http://software.hp.com \n\nHP-UX B.11.23 \n============= \nBindUpgrade.BIND-UPGRADE \nBindUpgrade.BIND2-UPGRADE \naction: install revision C.9.3.2.3.0 or subsequent \nURL: http://software.hp.com \n\nHP-UX B.11.31 \n============= \nNameService.BIND-AUX \nNameService.BIND-RUN \naction: install revision C.9.3.2.3.0 or subsequent \nURL: http://software.hp.com \n\nFor BIND v9.2.0 \nHP-UX B.11.11 \n============= \nBINDv920.INETSVCS-BIND \naction: install revision B.11.11.01.011 or subsequent \nURL: ftp://ss080058:ss080058@hprc.external.hp.com \n\nHP-UX B.11.23 \n============= \nInternetSrvcs.INETSVCS-INETD \nInternetSrvcs.INETSVCS-RUN \nInternetSrvcs.INETSVCS2-RUN \naction: install patch PHNE_37865 or subsequent \nURL: http://itrc.hp.com \n\nEND AFFECTED VERSIONS \n\nHISTORY \nVersion:1 (rev.1) - 16 July 2008 Initial release \nVersion:2 (rev.2) - 19 July 2008 Added BIND v9.2.0 depot information \nVersion:3 (rev.3) - 06 August 2008 Updated patch location, revised BIND v9.2.0 depot information, added BIND v8.1.2 \n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n  To: security-alert@hp.com \n  Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n  - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n  - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n \nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. =========================================================== \nUbuntu Security Notice USN-622-1              July 08, 2008\nbind9 vulnerability\nCVE-2008-1447\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 7.04\nUbuntu 7.10\nUbuntu 8.04 LTS\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n  libdns21                        1:9.3.2-2ubuntu1.5\n\nUbuntu 7.04:\n  libdns22                        1:9.3.4-2ubuntu2.3\n\nUbuntu 7.10:\n  libdns32                        1:9.4.1-P1-3ubuntu2\n\nUbuntu 8.04 LTS:\n  libdns35                        1:9.4.2-10ubuntu0.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nDan Kaminsky discovered weaknesses in the DNS protocol as implemented\nby Bind. \n\n\nDescription\n===========\n\n== Several vulnerabilities in safe level ==\n\nMultiple errors in the implementation of safe level restrictions can be\nexploited to call \"untrace_var()\", perform syslog operations, and modify\n\"$PROGRAM_NAME\" at safe level 4, or call insecure methods at safe levels\n1 through 3. \n\n(These vulnerabilities were reported by Keita Yamaguchi.)\n\n\n== DoS vulnerability in WEBrick ==\n\nAn   error exists   in   the   usage   of   regular   expressions   in\n\"WEBrick::HTTPUtils.split_header_value()\".  This can  be  exploited  to\nconsume large amounts of CPU via a specially crafted HTTP request. \n\n(This vulnerability was reported by Christian Neukirchen.)\n\n\n== Lack of taintness check in dl ==\n\nAn error in \"DL\" can be exploited to bypass security  restrictions  and\ncall potentially dangerous functions. \n\n(This vulnerability was reported by Tanaka Akira.)\n\n\nAffected packages:\n\n   Pardus 2008:\n     ruby, all before 1.8.7_p72-16-4\n     ruby-mode, all before 1.8.7_p72-16-4\n\n   Pardus 2007:\n     ruby, all before 1.8.7_p72-16-13\n     ruby-mode, all before 1.8.7_p72-16-4\n\n\n\nResolution\n==========\n\nThere are update(s) for ruby, ruby-mode. You can update them via Package\nManager or with a single command from console:\n\n   Pardus 2008:\n     pisi up ruby ruby-mode\n\n   Pardus 2007:\n     pisi up ruby ruby-mode\n\n\nReferences\n==========\n\n   * http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby\n   * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447\n   * http://secunia.com/advisories/31430/\n\n------------------------------------------------------------------------\n\n-- \nP\u0131nar Yanarda\u011f\nhttp://pinguar.org\n\n\n_______________________________________________\nFull-Disclosure - We believe in it.  There are two ways to deal with this situation:\n\n1.  The documentation included with BIND 9 contains a\nmigration guide. Configure the BIND 8 resolver to forward queries to a BIND 9\nresolver.  Provided that the network between both resolvers is trusted,\nthis protects the BIND 8 resolver from cache poisoning attacks (to the\nsame degree that the BIND 9 resolver is protected).  It is theoretically possible to safely use\nBIND 8 in this way, but updating to BIND 9 is strongly recommended. \nBIND 8 (that is, the bind package) will be removed from the etch\ndistribution in a future point release.  Scott\nKitterman noted that python-dns is vulnerable to this predictability,\nas it randomizes neither its transaction ID nor its source port. \nTaken together, this lack of entropy leaves applications using\npython-dns to perform DNS queries highly susceptible to response\nforgery. \n\n----------------------------------------------------------------------\n\nTry a new way to discover vulnerabilities that ALREADY EXIST in your\nIT infrastructure. \n\nThe Full Featured Secunia Network Software Inspector (NSI) is now\navailable:\nhttp://secunia.com/network_software_inspector/\n\nThe Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT\nvulnerabilities in more than 4,000 different Windows applications. \n\n----------------------------------------------------------------------\n\nTITLE:\nRed Hat update for bind\n\nSECUNIA ADVISORY ID:\nSA26195\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/26195/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSpoofing\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nRed Hat Enterprise Linux (v. 5 server)\nhttp://secunia.com/product/13652/\nRed Hat Enterprise Linux Desktop (v. 5 client)\nhttp://secunia.com/product/13653/\nRed Hat Enterprise Linux Desktop Workstation (v. 5 client)\nhttp://secunia.com/product/13651/\nRedHat Enterprise Linux AS 2.1\nhttp://secunia.com/product/48/\nRedHat Enterprise Linux AS 3\nhttp://secunia.com/product/2534/\nRedHat Enterprise Linux AS 4\nhttp://secunia.com/product/4669/\nRedHat Enterprise Linux ES 2.1\nhttp://secunia.com/product/1306/\nRedHat Enterprise Linux ES 3\nhttp://secunia.com/product/2535/\nRedHat Enterprise Linux ES 4\nhttp://secunia.com/product/4668/\nRedHat Enterprise Linux WS 3\nhttp://secunia.com/product/2536/\nRedHat Enterprise Linux WS 2.1\nhttp://secunia.com/product/1044/\nRedHat Enterprise Linux WS 4\nhttp://secunia.com/product/4670/\nRedHat Linux Advanced Workstation 2.1 for Itanium\nhttp://secunia.com/product/1326/\n\nDESCRIPTION:\nRed Hat has issued an update for bind. \n\nFor more information:\nSA26152\n\nSOLUTION:\nUpdated packages are available from Red Hat Network. \nhttp://rhn.redhat.com\n\nORIGINAL ADVISORY:\nhttp://rhn.redhat.com/errata/RHSA-2007-0740.html\n\nOTHER REFERENCES:\nSA26152:\nhttp://secunia.com/advisories/26152/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. Security Advisory (08-AUG-2008) (CVE-2008-3280)\n===============================================\n\nBen Laurie of Google\u0027s Applied Security team, while working with an\nexternal researcher, Dr. Richard Clayton of the Computer Laboratory,\nCambridge University, found that various OpenID Providers (OPs) had\nTLS Server Certificates that used weak keys, as a result of the Debian\nPredictable Random Number Generator (CVE-2008-0166). \n\nIn combination with the DNS Cache Poisoning issue (CVE-2008-1447) and\nthe fact that almost all SSL/TLS implementations do not consult CRLs\n(currently an untracked issue), this means that it is impossible to\nrely on these OPs. \n\nAttack Description\n------------------\n\nIn order to mount an attack against a vulnerable OP, the attacker\nfirst finds the private key corresponding to the weak TLS\ncertificate. He then sets up a website masquerading as the original\nOP, both for the OpenID protocol and also for HTTP/HTTPS. \n\nThere are two cases, one is where the victim is a user trying to\nidentify themselves, in which case, even if they use HTTPS to \"ensure\"\nthat the site they are visiting is indeed their provider, they will be\nunable to detect the substitution and will give their login\ncredentials to the attacker. \n\nThe second case is where the victim is the Relying Party (RP). In this\ncase, even if the RP uses TLS to connect to the OP, as is recommended\nfor higher assurance, he will not be defended, as the vast majority of\nOpenID implementations do not check CRLs, and will, therefore, accept\nthe malicious site as the true OP. \n\nMitigation\n----------\n\nMitigation is surprisingly hard. In theory the vulnerable site should\nrevoke their weak certificate and issue a new one. \n\nHowever, since the CRLs will almost certainly not be checked, this\nmeans the site will still be vulnerable to attack for the lifetime of\nthe certificate (and perhaps beyond, depending on user\nbehaviour). Note that shutting down the site DOES NOT prevent the\nattack. \n\nTherefore mitigation falls to other parties. \n\n1. Browsers must check CRLs by default. \n\n2. OpenID libraries must check CRLs. \n\n3. \n\n4. Until either 1 and 2 or 3 have been done, OpenID cannot be trusted\n   for any OP that cannot demonstrate it has never had a weak\n   certificate. \n\nDiscussion\n----------\n\nNormally, when security problems are encountered with a single piece\nof software, the responsible thing to do is to is to wait until fixes\nare available before making any announcement. However, as a number of\nexamples in the past have demonstrated, this approach does not work\nparticularly well when many different pieces of software are involved\nbecause it is necessary to coordinate a simultaneous release of the\nfixes, whilst hoping that the very large number of people involved\nwill cooperate in keeping the vulnerability secret. \n\nIn the present situation, the fixes will involve considerable\ndevelopment work in adding CRL handling to a great many pieces of\nopenID code. This is a far from trivial amount of work. \n\nThe fixes will also involve changes to browser preferences to ensure\nthat CRLs are checked by default -- which many vendors have resisted\nfor years. We are extremely pessimistic that a security vulnerability\nin OpenID will be seen as sufficiently important to change the browser\nvendors minds. \n\nHence, we see no value in delaying this announcement; and by making\nthe details public as soon as possible, we believe that individuals\nwho rely on OpenID will be better able to take their own individual\nsteps to avoid relying upon the flawed certificates we have\nidentified. \n\nOpenID is at heart quite a weak protocol, when used in its most\ngeneral form[1], and consequently there is very limited reliance upon\nits security. This means that the consequences of the combination of\nattacks that are now possible is nothing like as serious as might\notherwise have been the case. \n\nHowever, it does give an insight into the type of security disaster\nthat may occur in the future if we do not start to take CRLs\nseriously, but merely stick them onto \"to-do\" lists or disable them in\nthe name of tiny performance improvements. \n\nAffected Sites\n--------------\n\nThere is no central registry of OpenID systems, and so we cannot be\nsure that we have identified all of the weak certificates that are\ncurrently being served. The list of those we have found so far is:\n\nopenid.sun.com\nwww.xopenid.net\nopenid.net.nz\n\nNotes\n-----\n\n[1] There are ways of using OpenID that are significantly more secure\n    than the commonly deployed scheme, I shall describe those in a\n    separate article. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2008-1447"
          },
          {
            "db": "CERT/CC",
            "id": "VU#800113"
          },
          {
            "db": "CERT/CC",
            "id": "VU#252735"
          },
          {
            "db": "VULHUB",
            "id": "VHN-31572"
          },
          {
            "db": "PACKETSTORM",
            "id": "68039"
          },
          {
            "db": "PACKETSTORM",
            "id": "68068"
          },
          {
            "db": "PACKETSTORM",
            "id": "73732"
          },
          {
            "db": "PACKETSTORM",
            "id": "68288"
          },
          {
            "db": "PACKETSTORM",
            "id": "68691"
          },
          {
            "db": "PACKETSTORM",
            "id": "68878"
          },
          {
            "db": "PACKETSTORM",
            "id": "68063"
          },
          {
            "db": "PACKETSTORM",
            "id": "69021"
          },
          {
            "db": "PACKETSTORM",
            "id": "68037"
          },
          {
            "db": "PACKETSTORM",
            "id": "68546"
          },
          {
            "db": "PACKETSTORM",
            "id": "58035"
          },
          {
            "db": "PACKETSTORM",
            "id": "68924"
          }
        ],
        "trust": 3.51
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-31572",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-31572"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2008-1447",
            "trust": 2.2
          },
          {
            "db": "CERT/CC",
            "id": "VU#800113",
            "trust": 1.9
          },
          {
            "db": "SECUNIA",
            "id": "31430",
            "trust": 1.2
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2025",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2009-0297",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2334",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2383",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2113",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2558",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2019",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2377",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2584",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2342",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2010-0622",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2166",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2051",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2092",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2029",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2384",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2268",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2052",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2549",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2197",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2009-0311",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2055",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2467",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2123",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2482",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2525",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2023",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2582",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2114",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2196",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2139",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2466",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2050",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2195",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2291",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2030",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020548",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020578",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020448",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020558",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020702",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020440",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020575",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020437",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020802",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020449",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020579",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020561",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020804",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020577",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020560",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020651",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020653",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020438",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1020576",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31209",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31197",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31422",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30977",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31151",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31354",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31093",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31212",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31207",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31221",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31254",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31451",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31169",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30988",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30973",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31687",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31199",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30980",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31137",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30998",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31014",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31065",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31882",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31019",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31153",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31482",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31495",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "33178",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "33714",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31213",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31326",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31052",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31011",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31588",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31033",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31031",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30979",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31022",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31094",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31030",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31204",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30925",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31072",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31152",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31237",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31012",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "33786",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31143",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31236",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31900",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "30989",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "31823",
            "trust": 1.1
          },
          {
            "db": "USCERT",
            "id": "TA08-190B",
            "trust": 1.1
          },
          {
            "db": "USCERT",
            "id": "TA08-260A",
            "trust": 1.1
          },
          {
            "db": "USCERT",
            "id": "TA08-190A",
            "trust": 1.1
          },
          {
            "db": "BID",
            "id": "30131",
            "trust": 1.1
          },
          {
            "db": "EXPLOIT-DB",
            "id": "6130",
            "trust": 1.1
          },
          {
            "db": "EXPLOIT-DB",
            "id": "6123",
            "trust": 1.1
          },
          {
            "db": "EXPLOIT-DB",
            "id": "6122",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "26195",
            "trust": 0.9
          },
          {
            "db": "EXPLOIT-DB",
            "id": "4266",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#252735",
            "trust": 0.8
          },
          {
            "db": "PACKETSTORM",
            "id": "68878",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "68288",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "68068",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "73732",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "68039",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "68691",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "68037",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "68546",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "68063",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "68038",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68755",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68412",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68118",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "73060",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68502",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68061",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "74443",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "96747",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "94774",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68199",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68183",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68471",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "70207",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68036",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68500",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68360",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68473",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68129",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68554",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68543",
            "trust": 0.1
          },
          {
            "db": "SEEBUG",
            "id": "SSVID-65607",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-31572",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "69021",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "58035",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "68924",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#800113"
          },
          {
            "db": "CERT/CC",
            "id": "VU#252735"
          },
          {
            "db": "VULHUB",
            "id": "VHN-31572"
          },
          {
            "db": "PACKETSTORM",
            "id": "68039"
          },
          {
            "db": "PACKETSTORM",
            "id": "68068"
          },
          {
            "db": "PACKETSTORM",
            "id": "73732"
          },
          {
            "db": "PACKETSTORM",
            "id": "68288"
          },
          {
            "db": "PACKETSTORM",
            "id": "68691"
          },
          {
            "db": "PACKETSTORM",
            "id": "68878"
          },
          {
            "db": "PACKETSTORM",
            "id": "68063"
          },
          {
            "db": "PACKETSTORM",
            "id": "69021"
          },
          {
            "db": "PACKETSTORM",
            "id": "68037"
          },
          {
            "db": "PACKETSTORM",
            "id": "68546"
          },
          {
            "db": "PACKETSTORM",
            "id": "58035"
          },
          {
            "db": "PACKETSTORM",
            "id": "68924"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1447"
          }
        ]
      },
      "id": "VAR-200707-0675",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-31572"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T22:49:38.575000Z",
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-331",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-310",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-31572"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1447"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 1.1,
            "url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26667"
          },
          {
            "trust": 1.1,
            "url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26668"
          },
          {
            "trust": 1.1,
            "url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26669"
          },
          {
            "trust": 1.1,
            "url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26670"
          },
          {
            "trust": 1.1,
            "url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26671"
          },
          {
            "trust": 1.1,
            "url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26672"
          },
          {
            "trust": 1.1,
            "url": "http://lists.apple.com/archives/security-announce//2008/jul/msg00003.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00003.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00004.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00005.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/bid/30131"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/495289/100/0/threaded"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
          },
          {
            "trust": 1.1,
            "url": "http://www.us-cert.gov/cas/techalerts/ta08-190a.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.us-cert.gov/cas/techalerts/ta08-190b.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.us-cert.gov/cas/techalerts/ta08-260a.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.kb.cert.org/vuls/id/800113"
          },
          {
            "trust": 1.1,
            "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a00809c2168.shtml"
          },
          {
            "trust": 1.1,
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401"
          },
          {
            "trust": 1.1,
            "url": "http://support.apple.com/kb/ht3026"
          },
          {
            "trust": 1.1,
            "url": "http://support.apple.com/kb/ht3129"
          },
          {
            "trust": 1.1,
            "url": "http://support.citrix.com/article/ctx117991"
          },
          {
            "trust": 1.1,
            "url": "http://support.citrix.com/article/ctx118183"
          },
          {
            "trust": 1.1,
            "url": "http://up2date.astaro.com/2008/08/up2date_7202_released.html"
          },
          {
            "trust": 1.1,
            "url": "http://wiki.rpath.com/wiki/advisories:rpsa-2008-0231"
          },
          {
            "trust": 1.1,
            "url": "http://wiki.rpath.com/wiki/advisories:rpsa-2010-0018"
          },
          {
            "trust": 1.1,
            "url": "http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning"
          },
          {
            "trust": 1.1,
            "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"
          },
          {
            "trust": 1.1,
            "url": "http://www.kb.cert.org/vuls/id/mimg-7dwr4j"
          },
          {
            "trust": 1.1,
            "url": "http://www.kb.cert.org/vuls/id/mimg-7ecl8q"
          },
          {
            "trust": 1.1,
            "url": "http://www.novell.com/support/viewcontent.do?externalid=7000912"
          },
          {
            "trust": 1.1,
            "url": "http://www.phys.uu.nl/~rombouts/pdnsd.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.phys.uu.nl/~rombouts/pdnsd/changelog"
          },
          {
            "trust": 1.1,
            "url": "http://www.rtpro.yamaha.co.jp/rt/faq/security/vu800113.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/security/advisories/vmsa-2008-0014.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.debian.org/security/2008/dsa-1603"
          },
          {
            "trust": 1.1,
            "url": "http://www.debian.org/security/2008/dsa-1604"
          },
          {
            "trust": 1.1,
            "url": "http://www.debian.org/security/2008/dsa-1605"
          },
          {
            "trust": 1.1,
            "url": "http://www.debian.org/security/2008/dsa-1619"
          },
          {
            "trust": 1.1,
            "url": "http://www.debian.org/security/2008/dsa-1623"
          },
          {
            "trust": 1.1,
            "url": "https://www.exploit-db.com/exploits/6122"
          },
          {
            "trust": 1.1,
            "url": "https://www.exploit-db.com/exploits/6123"
          },
          {
            "trust": 1.1,
            "url": "https://www.exploit-db.com/exploits/6130"
          },
          {
            "trust": 1.1,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-july/msg00402.html"
          },
          {
            "trust": 1.1,
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-july/msg00458.html"
          },
          {
            "trust": 1.1,
            "url": "http://security.freebsd.org/advisories/freebsd-sa-08:06.bind.asc"
          },
          {
            "trust": 1.1,
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-august/064118.html"
          },
          {
            "trust": 1.1,
            "url": "http://security.gentoo.org/glsa/glsa-200807-08.xml"
          },
          {
            "trust": 1.1,
            "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml"
          },
          {
            "trust": 1.1,
            "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
          },
          {
            "trust": 1.1,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01662368"
          },
          {
            "trust": 1.1,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01523520"
          },
          {
            "trust": 1.1,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:139"
          },
          {
            "trust": 1.1,
            "url": "http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.caughq.org/exploits/cau-ex-2008-0002.txt"
          },
          {
            "trust": 1.1,
            "url": "http://www.caughq.org/exploits/cau-ex-2008-0003.txt"
          },
          {
            "trust": 1.1,
            "url": "http://www.doxpara.com/?p=1176"
          },
          {
            "trust": 1.1,
            "url": "http://www.doxpara.com/dmk_bo2k8.ppt"
          },
          {
            "trust": 1.1,
            "url": "http://www.nominum.com/asset_upload_file741_2661.pdf"
          },
          {
            "trust": 1.1,
            "url": "http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html"
          },
          {
            "trust": 1.1,
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037"
          },
          {
            "trust": 1.1,
            "url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-009.txt.asc"
          },
          {
            "trust": 1.1,
            "url": "http://www.openbsd.org/errata42.html#013_bind"
          },
          {
            "trust": 1.1,
            "url": "http://www.openbsd.org/errata43.html#004_bind"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12117"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5725"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5761"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5917"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9627"
          },
          {
            "trust": 1.1,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0533.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.redhat.com/support/errata/rhsa-2008-0789.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020437"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020438"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020440"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020448"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020449"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020548"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020558"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020560"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020561"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020575"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020576"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020577"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020578"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020579"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020651"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020653"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020702"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020802"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1020804"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30925"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30973"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30977"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30979"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30980"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30988"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30989"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/30998"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31011"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31012"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31014"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31019"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31022"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31030"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31031"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31033"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31052"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31065"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31072"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31093"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31094"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31137"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31143"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31151"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31152"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31153"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31169"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31197"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31199"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31204"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31207"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31209"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31212"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31213"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31221"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31236"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31237"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31254"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31326"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31354"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31422"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31430"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31451"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31482"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31495"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31588"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31687"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31823"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31882"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/31900"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/33178"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/33714"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/33786"
          },
          {
            "trust": 1.1,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1"
          },
          {
            "trust": 1.1,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.ubuntu.com/usn/usn-622-1"
          },
          {
            "trust": 1.1,
            "url": "http://www.ubuntu.com/usn/usn-627-1"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2019/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2023/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2025/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2029/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2030/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2050/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2051/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2052/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2055/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2092/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2113/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2114/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2123/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2139/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2166/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2195/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2196/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2197/references"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2268"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2291"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2334"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2342"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2377"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2383"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2384"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2466"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2467"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2482"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2525"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2549"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2558"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2582"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2008/2584"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2009/0297"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2009/0311"
          },
          {
            "trust": 1.1,
            "url": "http://www.vupen.com/english/advisories/2010/0622"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43637"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43334"
          },
          {
            "trust": 1.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1447"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=121866517322103\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=123324863916385\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://www.ipcop.org/index.php?name=news\u0026file=article\u0026sid=40"
          },
          {
            "trust": 1.0,
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.539239"
          },
          {
            "trust": 1.0,
            "url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=762152"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=141879471518471\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.452680"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=121630706004256\u0026w=2"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/26195/"
          },
          {
            "trust": 0.8,
            "url": "http://csrc.nist.gov/publications/nistpubs/800-81/sp800-81.pdf"
          },
          {
            "trust": 0.8,
            "url": "http://tools.ietf.org/html/draft-ietf-dnsext-forgery-resilience"
          },
          {
            "trust": 0.8,
            "url": "http://tools.ietf.org/html/rfc3833"
          },
          {
            "trust": 0.8,
            "url": "http://tools.ietf.org/html/rfc2827"
          },
          {
            "trust": 0.8,
            "url": "http://tools.ietf.org/html/rfc3704"
          },
          {
            "trust": 0.8,
            "url": "http://tools.ietf.org/html/rfc3013"
          },
          {
            "trust": 0.8,
            "url": "http://tools.ietf.org/html/rfc4033"
          },
          {
            "trust": 0.8,
            "url": "http://tools.ietf.org/html/draft-ietf-tsvwg-port-randomization"
          },
          {
            "trust": 0.8,
            "url": "http://cr.yp.to/djbdns/dns_random.html"
          },
          {
            "trust": 0.8,
            "url": "http://cr.yp.to/djbdns/dns_transmit.html"
          },
          {
            "trust": 0.8,
            "url": "http://cr.yp.to/djbdns/forgery.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.trusteer.com/microsoftdns"
          },
          {
            "trust": 0.8,
            "url": "http://www.trusteer.com/bind9dns"
          },
          {
            "trust": 0.8,
            "url": "http://www.trusteer.com/bind8dns"
          },
          {
            "trust": 0.8,
            "url": "http://www.sans.org/reading_room/whitepapers/dns/1567.php"
          },
          {
            "trust": 0.8,
            "url": "http://blogs.iss.net/archive/morednsnat.html"
          },
          {
            "trust": 0.8,
            "url": "https://jvn.jp/cert/jvnvu800113/"
          },
          {
            "trust": 0.8,
            "url": "http://www.cert.at/static/cert.at-0802-dns-patchanalysis.pdf"
          },
          {
            "trust": 0.8,
            "url": "http://www.isc.org/sw/bind/bind-security.php"
          },
          {
            "trust": 0.8,
            "url": "http://www.trusteer.com/docs/bind9dns.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu%23252735/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.milw0rm.com/exploits/4266"
          },
          {
            "trust": 0.8,
            "url": "http://docs.info.apple.com/article.html?artnum=307041"
          },
          {
            "trust": 0.4,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.4,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          },
          {
            "trust": 0.3,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1447"
          },
          {
            "trust": 0.3,
            "url": "http://packages.debian.org/\u003cpkg\u003e"
          },
          {
            "trust": 0.3,
            "url": "http://security.debian.org/"
          },
          {
            "trust": 0.3,
            "url": "http://www.debian.org/security/faq"
          },
          {
            "trust": 0.3,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.2,
            "url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
          },
          {
            "trust": 0.2,
            "url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
          },
          {
            "trust": 0.2,
            "url": "https://www.hp.com/go/swa"
          },
          {
            "trust": 0.2,
            "url": "http://h30046.www3.hp.com/subsignin.php"
          },
          {
            "trust": 0.1,
            "url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026amp;id=762152"
          },
          {
            "trust": 0.1,
            "url": "http://www.ipcop.org/index.php?name=news\u0026amp;file=article\u0026amp;sid=40"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=123324863916385\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=141879471518471\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=121866517322103\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://marc.info/?l=bugtraq\u0026amp;m=121630706004256\u0026amp;w=2"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2008\u0026amp;m=slackware-security.539239"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2008\u0026amp;m=slackware-security.452680"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml."
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/en/us/products/products_security_vulnerability_policy.html."
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/go/psirt"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/web/about/security/intelligence/dns-bcp.html."
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/en/us/products/prod_warranties_item09186a008088e31f.html,"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/pcgi-bin/software/tablebuild/tablebuild.pl/nr-eval"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/pcgi-bin/tablebuild.pl/acns55"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com."
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/go/psirt."
          },
          {
            "trust": 0.1,
            "url": "https://www.example.com"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/warp/public/687/directory/dirtac.shtml"
          },
          {
            "trust": 0.1,
            "url": "http://www.cisco.com/public/sw-center/sw-usingswc.shtml."
          },
          {
            "trust": 0.1,
            "url": "http://intellishield.cisco.com/security/alertmanager/cvss"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/advisories"
          },
          {
            "trust": 0.1,
            "url": "http://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-4194"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-200901-03.xml"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4194"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/d/dnsmasq/dnsmasq_2.35-1+etch4.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://software.hp.com"
          },
          {
            "trust": 0.1,
            "url": "http://itrc.hp.com"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-p1-3ubuntu2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-p1-3ubuntu2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-p1-3ubuntu2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-p1-3ubuntu2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-p1-3ubuntu2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-p1-3ubuntu2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-p1-3ubuntu2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.3.4-2ubuntu2.3_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-p1-3ubuntu2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-p1-3ubuntu2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-p1-3ubuntu2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-p1-3ubuntu2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-p1-3ubuntu2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-p1-3ubuntu2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.1-p1-3ubuntu2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.1-p1-3ubuntu2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.1-p1-3ubuntu2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-p1-3ubuntu2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.1-p1-3ubuntu2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-p1-3ubuntu2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-p1-3ubuntu2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.3.2-2ubuntu1.5_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-p1-3ubuntu2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-p1-3ubuntu2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.1-p1-3ubuntu2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-p1-3ubuntu2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.1-p1-3ubuntu2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.1-p1-3ubuntu2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-p1-3ubuntu2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-p1-3ubuntu2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-p1-3ubuntu2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-p1-3ubuntu2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.4.2-10ubuntu0.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.1-p1-3ubuntu2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libdns32_9.4.1-p1-3ubuntu2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-p1-3ubuntu2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-p1-3ubuntu2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-p1-3ubuntu2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.1-p1-3ubuntu2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-p1-3ubuntu2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-p1-3ubuntu2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-p1-3ubuntu2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-p1-3ubuntu2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-p1-3ubuntu2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-p1-3ubuntu2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-p1-3ubuntu2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-p1-3ubuntu2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-p1-3ubuntu2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-p1-3ubuntu2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.4.1-p1-3ubuntu2_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-p1-3ubuntu2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-p1-3ubuntu2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-p1-3ubuntu2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-p1-3ubuntu2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/31430/"
          },
          {
            "trust": 0.1,
            "url": "http://pinguar.org"
          },
          {
            "trust": 0.1,
            "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/p/python-dns/python-dns_2.3.0-5.2+etch1.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/2536/"
          },
          {
            "trust": 0.1,
            "url": "http://rhn.redhat.com/errata/rhsa-2007-0740.html"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/network_software_inspector/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/2535/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/13653/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/48/"
          },
          {
            "trust": 0.1,
            "url": "http://rhn.redhat.com"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/13651/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/about_secunia_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/4669/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/4668/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/13652/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/1326/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/26152/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/1306/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/4670/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/2534/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/1044/"
          },
          {
            "trust": 0.1,
            "url": "https://www.xopenid.net"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-3280"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0166"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#800113"
          },
          {
            "db": "CERT/CC",
            "id": "VU#252735"
          },
          {
            "db": "VULHUB",
            "id": "VHN-31572"
          },
          {
            "db": "PACKETSTORM",
            "id": "68039"
          },
          {
            "db": "PACKETSTORM",
            "id": "68068"
          },
          {
            "db": "PACKETSTORM",
            "id": "73732"
          },
          {
            "db": "PACKETSTORM",
            "id": "68288"
          },
          {
            "db": "PACKETSTORM",
            "id": "68691"
          },
          {
            "db": "PACKETSTORM",
            "id": "68878"
          },
          {
            "db": "PACKETSTORM",
            "id": "68063"
          },
          {
            "db": "PACKETSTORM",
            "id": "69021"
          },
          {
            "db": "PACKETSTORM",
            "id": "68037"
          },
          {
            "db": "PACKETSTORM",
            "id": "68546"
          },
          {
            "db": "PACKETSTORM",
            "id": "58035"
          },
          {
            "db": "PACKETSTORM",
            "id": "68924"
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1447"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#800113",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#252735",
            "ident": null
          },
          {
            "db": "VULHUB",
            "id": "VHN-31572",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "68039",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "68068",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "73732",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "68288",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "68691",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "68878",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "68063",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "69021",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "68037",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "68546",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "58035",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "68924",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2008-1447",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2008-07-08T00:00:00",
            "db": "CERT/CC",
            "id": "VU#800113",
            "ident": null
          },
          {
            "date": "2007-07-27T00:00:00",
            "db": "CERT/CC",
            "id": "VU#252735",
            "ident": null
          },
          {
            "date": "2008-07-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-31572",
            "ident": null
          },
          {
            "date": "2008-07-10T06:26:35",
            "db": "PACKETSTORM",
            "id": "68039",
            "ident": null
          },
          {
            "date": "2008-07-10T07:29:30",
            "db": "PACKETSTORM",
            "id": "68068",
            "ident": null
          },
          {
            "date": "2009-01-12T19:16:04",
            "db": "PACKETSTORM",
            "id": "73732",
            "ident": null
          },
          {
            "date": "2008-07-17T19:16:48",
            "db": "PACKETSTORM",
            "id": "68288",
            "ident": null
          },
          {
            "date": "2008-07-31T22:22:45",
            "db": "PACKETSTORM",
            "id": "68691",
            "ident": null
          },
          {
            "date": "2008-08-06T21:52:19",
            "db": "PACKETSTORM",
            "id": "68878",
            "ident": null
          },
          {
            "date": "2008-07-10T07:10:37",
            "db": "PACKETSTORM",
            "id": "68063",
            "ident": null
          },
          {
            "date": "2008-08-13T04:21:24",
            "db": "PACKETSTORM",
            "id": "69021",
            "ident": null
          },
          {
            "date": "2008-07-10T06:23:57",
            "db": "PACKETSTORM",
            "id": "68037",
            "ident": null
          },
          {
            "date": "2008-07-28T15:27:39",
            "db": "PACKETSTORM",
            "id": "68546",
            "ident": null
          },
          {
            "date": "2007-07-26T04:26:32",
            "db": "PACKETSTORM",
            "id": "58035",
            "ident": null
          },
          {
            "date": "2008-08-08T20:46:25",
            "db": "PACKETSTORM",
            "id": "68924",
            "ident": null
          },
          {
            "date": "2008-07-08T23:41:00",
            "db": "NVD",
            "id": "CVE-2008-1447",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2014-04-14T00:00:00",
            "db": "CERT/CC",
            "id": "VU#800113",
            "ident": null
          },
          {
            "date": "2008-08-06T00:00:00",
            "db": "CERT/CC",
            "id": "VU#252735",
            "ident": null
          },
          {
            "date": "2020-03-24T00:00:00",
            "db": "VULHUB",
            "id": "VHN-31572",
            "ident": null
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2008-1447",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "68068"
          },
          {
            "db": "PACKETSTORM",
            "id": "68063"
          }
        ],
        "trust": 0.2
      },
      "title": {
        "_id": null,
        "data": "Multiple DNS implementations vulnerable to cache poisoning",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#800113"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "spoof",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "68068"
          },
          {
            "db": "PACKETSTORM",
            "id": "68063"
          },
          {
            "db": "PACKETSTORM",
            "id": "69021"
          },
          {
            "db": "PACKETSTORM",
            "id": "68546"
          }
        ],
        "trust": 0.4
      }
    }

    VAR-201106-0026

    Vulnerability from variot - Updated: 2026-04-10 22:45

    Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.181.22 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.22 and earlier on Android, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "universal cross-site scripting vulnerability.". An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. The following versions are vulnerable: Adobe Flash Player 10.3.181.16 and prior versions for Windows, Macintosh, Linux and Solaris operating systems Adobe Flash Player 10.3.185.22 and prior versions for Android UPDATE (June 7, 2011): The vendor indicates there may be an impact related to the 'Authplay.dll' component of Adobe Reader and Acrobat X 10.0.3, Reader 9.x and 10.x, and Acrobat 9.x and 10.x. We will update this BID when additional details emerge. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Important: flash-plugin security update Advisory ID: RHSA-2011:0850-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0850.html Issue date: 2011-06-06 CVE Names: CVE-2011-2107 =====================================================================

    1. Summary:

    An updated Adobe Flash Player package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.

    The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

    1. This vulnerability is detailed on the Adobe security page APSB11-13, listed in the References section. (CVE-2011-2107)

    All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.3.181.22

    1. Solution:

    Before applying this update, make sure all previously-released errata relevant to your system have been applied.

    This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

    1. Package List:

    Red Hat Enterprise Linux Desktop Supplementary (v. 5):

    i386: flash-plugin-10.3.181.22-1.el5.i386.rpm

    x86_64: flash-plugin-10.3.181.22-1.el5.i386.rpm

    Red Hat Enterprise Linux Server Supplementary (v. 5):

    i386: flash-plugin-10.3.181.22-1.el5.i386.rpm

    x86_64: flash-plugin-10.3.181.22-1.el5.i386.rpm

    Red Hat Enterprise Linux Desktop Supplementary (v. 6):

    i386: flash-plugin-10.3.181.22-1.el6.i686.rpm

    x86_64: flash-plugin-10.3.181.22-1.el6.i686.rpm

    Red Hat Enterprise Linux Server Supplementary (v. 6):

    i386: flash-plugin-10.3.181.22-1.el6.i686.rpm

    x86_64: flash-plugin-10.3.181.22-1.el6.i686.rpm

    Red Hat Enterprise Linux Workstation Supplementary (v. 6):

    i386: flash-plugin-10.3.181.22-1.el6.i686.rpm

    x86_64: flash-plugin-10.3.181.22-1.el6.i686.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

    1. References:

    https://www.redhat.com/security/data/cve/CVE-2011-2107.html https://access.redhat.com/security/updates/classification/#important http://www.adobe.com/support/security/bulletins/apsb11-13.html

    1. Contact:

    The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)

    iD8DBQFN7OqAXlSAg2UNWIIRApgjAKCldmXlUbDzD/uUwi8XnweoaBZ00gCeIzcZ 1XCuXnfYCW/M6oYmVu+sw+U= =AUfZ -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201110-11


                                            http://security.gentoo.org/
    

    Severity: Normal Title: Adobe Flash Player: Multiple vulnerabilities Date: October 13, 2011 Bugs: #354207, #359019, #363179, #367031, #370215, #372899, #378637, #384017 ID: 201110-11


    Synopsis

    Multiple vulnerabilities in Adobe Flash Player might allow remote attackers to execute arbitrary code or cause a Denial of Service.

    Background

    The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites.

    Impact

    By enticing a user to open a specially crafted SWF file a remote attacker could cause a Denial of Service or the execution of arbitrary code with the privileges of the user running the application.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Adobe Flash Player users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-10.3.183.10"

    References

    [ 1 ] APSA11-01 http://www.adobe.com/support/security/advisories/apsa11-01.html [ 2 ] APSA11-02 http://www.adobe.com/support/security/advisories/apsa11-02.html [ 3 ] APSB11-02 http://www.adobe.com/support/security/bulletins/apsb11-02.html [ 4 ] APSB11-12 http://www.adobe.com/support/security/bulletins/apsb11-12.html [ 5 ] APSB11-13 http://www.adobe.com/support/security/bulletins/apsb11-13.html [ 6 ] APSB11-21 https://www.adobe.com/support/security/bulletins/apsb11-21.html [ 7 ] APSB11-26 https://www.adobe.com/support/security/bulletins/apsb11-26.html [ 8 ] CVE-2011-0558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558 [ 9 ] CVE-2011-0559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559 [ 10 ] CVE-2011-0560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560 [ 11 ] CVE-2011-0561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561 [ 12 ] CVE-2011-0571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571 [ 13 ] CVE-2011-0572 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572 [ 14 ] CVE-2011-0573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573 [ 15 ] CVE-2011-0574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574 [ 16 ] CVE-2011-0575 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575 [ 17 ] CVE-2011-0577 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577 [ 18 ] CVE-2011-0578 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578 [ 19 ] CVE-2011-0579 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579 [ 20 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 21 ] CVE-2011-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607 [ 22 ] CVE-2011-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608 [ 23 ] CVE-2011-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609 [ 24 ] CVE-2011-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611 [ 25 ] CVE-2011-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618 [ 26 ] CVE-2011-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619 [ 27 ] CVE-2011-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620 [ 28 ] CVE-2011-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621 [ 29 ] CVE-2011-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622 [ 30 ] CVE-2011-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623 [ 31 ] CVE-2011-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624 [ 32 ] CVE-2011-0625 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625 [ 33 ] CVE-2011-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626 [ 34 ] CVE-2011-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627 [ 35 ] CVE-2011-0628 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628 [ 36 ] CVE-2011-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107 [ 37 ] CVE-2011-2110 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110 [ 38 ] CVE-2011-2125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 39 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 40 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 41 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 42 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 43 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 44 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 45 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 46 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 47 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 48 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 49 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 50 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 51 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 52 ] CVE-2011-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426 [ 53 ] CVE-2011-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427 [ 54 ] CVE-2011-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428 [ 55 ] CVE-2011-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429 [ 56 ] CVE-2011-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430 [ 57 ] CVE-2011-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201110-11.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "adobe",
            "version": "9.0.124.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "adobe",
            "version": "10.2.152.33"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lte",
            "trust": 1.8,
            "vendor": "adobe",
            "version": "10.3.181.16"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "10.0.2"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "9.4.3"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "10.0.1"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "9.4.4"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "9.4.2"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "adobe",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.246.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.154.25"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.95.1"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.4.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.153.1"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.3.1"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.0.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.28.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.260.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.277.0"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.85.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.31.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.48.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.106.16"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.95.2"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.0.22.87"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.151.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.159.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.0.42.34"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.115.0"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.4.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.156.12"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.154.13"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.3.181.14"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.0.32.18"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.0.12.36"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.152.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.82.76"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.105.6"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.47.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.45.0"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.0.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.92.10"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.3.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.102.64"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.157.51"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.4.4"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.53.64"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.4.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.159.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.0.15.3"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.3.3"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.3.185.22"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.0.45.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.1.52.14.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.73.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.2.152"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.79"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.63"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.69.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0.33.0"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.0.3"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.4.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.70.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.18d60"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.155.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.112.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.0.0.584"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.28"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.19.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.20"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.60.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.20.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.0.12.10"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.14.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.1.52.15"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0.35.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.31"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0.24.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.3.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.66.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0.34.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.3.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.125.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.283.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.3.4"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0.22.0"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.1"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.3.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.53.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.25"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.0.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.61.0"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.3.4"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.67.0"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.2.152.32"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.21.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.24.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.114.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.125.0"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.1.92.8"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0.39.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.16"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.1.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.262.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.68.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0.42.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "10.3.181.16   for chrome users"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "10.3.181.16   network distribution"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "10.3.185.22   for android"
          },
          {
            "_id": null,
            "model": "enterprise linux server supplementary",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6"
          },
          {
            "_id": null,
            "model": "enterprise linux server supplementary eus",
            "scope": null,
            "trust": 0.8,
            "vendor": "red hat",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux workstation supplementary",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6"
          },
          {
            "_id": null,
            "model": "rhel desktop supplementary",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (client)"
          },
          {
            "_id": null,
            "model": "rhel desktop supplementary",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6"
          },
          {
            "_id": null,
            "model": "rhel supplementary",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (server)"
          },
          {
            "_id": null,
            "model": "rhel supplementary eus",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5.6.z (server)"
          },
          {
            "_id": null,
            "model": "rhel supplementary long life",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5.6 (server)"
          },
          {
            "_id": null,
            "model": "acrobat reader",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.0.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.307.6"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1004"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "3.0.195.21"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375127"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1033"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.5"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1044"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.28"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.34"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.322.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.50"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.391.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.50"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.14"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.306.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1012"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1039"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.539.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.434.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.529.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1031"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.399.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.203"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.365.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.105"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.474.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.335.2"
          },
          {
            "_id": null,
            "model": "chrome beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.249.78"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.326.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.317.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.64"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.499.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.47255"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.408.4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.11"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.76"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.40"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.39"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.447.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.307.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.507.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.366.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.35"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.213"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.306"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.530.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.348.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.0.2460"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.458.1"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.0.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.208"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1010"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.507.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0.2.149.27"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.18"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.342.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.307.11"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.366.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.18"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.12"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.15"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.82"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.3.181.22"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.395.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.6"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.28"
          },
          {
            "_id": null,
            "model": "hat enterprise linux supplementary server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.13"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10.0.648.127"
          },
          {
            "_id": null,
            "model": "solaris express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "11"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.25"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1051"
          },
          {
            "_id": null,
            "model": "in motion blackberry playbook tablet software",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "research",
            "version": "1.0.5.2342"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.4.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.225"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1061"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.418.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.385.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.319.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.408.6"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.20"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.366.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.535.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.445.1"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.0.1"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.514.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.443.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.296.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9.0.597.107"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.219"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.374.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.275.1"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.417.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.23"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.218"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.21"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.217"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.57"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.27"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.342.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1043"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.418.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1049"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.7"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.0.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.71"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.407.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.3.185.21"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1057"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.518.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.346.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.421.0"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.51"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.390.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.38"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.382.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "3.0.195.27"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.0.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.35"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.438.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.39"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.536.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.20"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.23"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.462.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.12"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.11"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.368.0"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.209"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.37"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.46"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.77"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.307.10"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.226"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.87"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.46"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.126"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.481.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.489.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.37"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.393.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.362.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.531.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.26"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.408.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.423.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.8"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.418.9"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.48"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.323.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.356.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.93"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.23"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.370.0"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.4.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.380.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.447.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.216"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.408.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.344"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.512.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.419.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.408.5"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.66"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "1.0.154.48"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.361.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1018"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.58"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.222.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0.4.154.22"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.437.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.483.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.467.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.435.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.200"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.278.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.413.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.452.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.10"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1017"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "1.0.154.64"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.537.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.302.0"
          },
          {
            "_id": null,
            "model": "freeflow print server 73.c0.41",
            "scope": null,
            "trust": 0.3,
            "vendor": "xerox",
            "version": null
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.379.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.513.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.453.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0.2.149.29"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "3.0.195.25"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1062"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "2.0.172.30"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.490.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1020"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.57"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.469.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1042"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1058"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "2.0.158.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.2.152.21"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.49"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.334.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.408.9"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.307.4"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.0.280"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "1.0.154.55"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "1.0.154.52"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.303"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.506.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1054"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.458.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.404.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.414.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "1.0.154.53"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.494.0"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.335.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.484.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1030"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.85"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.328.0"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.4.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.342.5"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "2.0.172.27"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.360.3"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3.4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.211"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.3.185.22"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.1.51.66"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.18"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.482.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.479.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.2.154.27"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.381.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.19"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.15"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.104"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.12"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8.2.4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.394.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "3.0.195.38"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.41"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.511.4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.437.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.503.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.415.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.364.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.521.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.507.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.520.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.349.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1022"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.528.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.408.7"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.458.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.450.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.350.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.418.7"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.322.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.476.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.2491064"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.61"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.17"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.20"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.63"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.35"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.354.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.345.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.325.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.215"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1026"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.222.12"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "3.0.195.37"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "3.0.195.33"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.31"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.335.4"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.2.154.24"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.369.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.22"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.431.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.10"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.347.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.3.185.23"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "3.0.195.24"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "3.0.195.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.498.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.412.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.83"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.34"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.16"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1038"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.307.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.42"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.406.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.302"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.77"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.310"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.515.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.416.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.63"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.55"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.59"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.445.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.409.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.329.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1006"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.68"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.315.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.34"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.499.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.32"
          },
          {
            "_id": null,
            "model": "freeflow print server 73.b3.61",
            "scope": null,
            "trust": 0.3,
            "vendor": "xerox",
            "version": null
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.54"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.277.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.47"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.0.3218"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.384.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.69"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "2.0.170.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.29"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.350.1"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.408.10"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.13"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "2.0.157.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.26"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.422.0"
          },
          {
            "_id": null,
            "model": "solaris 10 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.511.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0.3.154.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "1.0.154.61"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.36"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.529.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.503.0"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.24"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.9"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.299.0"
          },
          {
            "_id": null,
            "model": "chrome beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "3.0.193.2"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.33"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.371.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.408.8"
          },
          {
            "_id": null,
            "model": "chrome beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "2.0.169.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.272.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "2.0.169.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.411.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.288.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.452.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.202"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.496.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.363.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.294.0"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.0.1"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.0.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.223.5"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.367.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1016"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1045"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.223.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "3.0.195.36"
          },
          {
            "_id": null,
            "model": "chrome beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.454.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "1.0.154.43"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "2.0.172.28"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.453.0"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.466.6"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.337.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.301.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.68"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.507.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.96"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.366.4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.36"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.43"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.91"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1032"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.42"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.80"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.473.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.441.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.8"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.60"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.549.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1040"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "2.0.157.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.88"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.466.5"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.314.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.342.6"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.207"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop supplementary client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.16"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.440.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.426.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.343.0"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.5"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.355.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.327.0"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.477.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1055"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.22"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.67"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.65"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.401.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.516.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.335.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.356.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.430.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.493.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.11"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.457.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.21"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.29"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.2.154.28"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.308.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "2.0.172"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.92"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.342.4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.401.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.495.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.40"
          },
          {
            "_id": null,
            "model": "hat enterprise linux workstation supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1019"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.2491036"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.1.102.65"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.522.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.30"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.356.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9.0.597.94"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.341.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.223"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.95"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.57"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.54"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0.2.152.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "1.0.154.46"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.75"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.338.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.451.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.450.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "1.0.154.59"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.84"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.418.5"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.322.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "1.0.154.36"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.222.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1015"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.398.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "3.0.195.32"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.404.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.531.0"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.4.4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.480.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.466.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.536.4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.418.6"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.94"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.19"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.28"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.466.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.30"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.6"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.427.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10.0.648.204"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.342.7"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.466.4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375125"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.551.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10.0.648.128"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.18"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1024"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.19"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.301"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "2.0.172.43"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.222.5"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.276.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.544.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.500.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.39"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.307.8"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1041"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1021"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.14"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.336.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.305.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.61"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1034"
          },
          {
            "_id": null,
            "model": "acrobat",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "2.0.172.38"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.222"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.98"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.342.2"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.4.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.0.262"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.317.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.65"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.320.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.21"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "1.0.154.65"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.3.181.16"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.12"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.31"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.37"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.17"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.224.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.366.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.33"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.339.0"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.4.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.307.7"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.4"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3.4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.342.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.2.154.18"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.335.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.424.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "1.0.154.39"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1035"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.288.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.478.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.100"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.14"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.540.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.465.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.3.181.23"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.223.8"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.542.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.59"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.62"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.223.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.37599"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.330.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.0.289.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1014"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.212.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.529.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1001"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.492.0"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.510.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0.3.1549"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.410.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.79"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.27"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1056"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.45"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.547.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.536.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.292.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.38"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.405.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.212.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.10"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.418.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0.2.153.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "2.0.172.37"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.9"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.31"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.49"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1029"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.223.4"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3.3"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.223.7"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.378.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.13"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0.2.149.30"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.62"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.551.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1037"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.16"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.360.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.466.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1060"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.249.78"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.547.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.418.8"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.300.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.509.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.387.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.27"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.382.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.97"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.290.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.40"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.386.0"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.425.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.485.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.486.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.450.0"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.48"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.9"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.372.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.514.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.450.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.392.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.403.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.221.8"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.45"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.307.5"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.212"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.302.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1063"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.0"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.29"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.72"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.206"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.304.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.289.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.360.4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1028"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10.0.648.133"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.4.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.6"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.26"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.51"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0.4.154.31"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.487.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.302.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.19"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.0.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1046"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.303.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.404.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.2491059"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.332.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.25"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "2.0.159.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.220"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.101"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.44"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.73"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.41"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.0.12.35"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.60"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.275.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.340.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1013"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.436.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1023"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.373.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.44"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.369.0"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.2"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.397.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.353.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.511.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.531.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.408.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.89"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.70"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.20"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.43"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.491.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.300"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.56"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.535.1"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.0.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.470.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.461.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.437.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.446.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.10"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.43"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.321.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.15"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.5"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.357.0"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.4.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.459.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.541.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.221"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.536.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.81"
          },
          {
            "_id": null,
            "model": "acrobat professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.333.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.313.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "2.0.172.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.475.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.524.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.351.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.102"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "1.0.154.42"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.0.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.17"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.307"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.471.0"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1027"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.396.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.450.4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.415.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.428.0"
          },
          {
            "_id": null,
            "model": "in motion blackberry playbook tablet software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "1.0.5.2304"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.42"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.309.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.32"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.205"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.16"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.447.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.460.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0.4.154.33"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.344.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.307.9"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.204"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.342.9"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1008"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.13"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "2.0.156.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.25"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.466.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1053"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.455.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.38"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.488.0"
          },
          {
            "_id": null,
            "model": "acrobat professional extended",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.526.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.21"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.449.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "3.0.190.2"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.0.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.505.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.400.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.497.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.287.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.286.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "2.0.172.33"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.103"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.302.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.224"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.369.2"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.52"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.444.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.437.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.71"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.358.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.223.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.548.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.58"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.360.5"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.24"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1007"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1047"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.4.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.456.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1052"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.36"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.17"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.308"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.7"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9.0.597.84"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.210"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.550.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.525.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.8"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.490.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.53"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "2.0.172.8"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.4.4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.317.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1009"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.74"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.495.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.432.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.249.89"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.314.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.500.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.309"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.214"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.324.0"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.4.4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1048"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.30"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1050"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.47"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.433.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.408.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.342.8"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.416.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.52"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0.4.154.18"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.0.452"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.201"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "2.0.172.31"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.11"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.32"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.22"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.672.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.14"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.43"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "3.0.182.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.78"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.354.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.504.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.316.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.44"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.90"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.418.3"
          },
          {
            "_id": null,
            "model": "solaris 10 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.304"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.305"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.464.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.271.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.7"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "8.0.552.237"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.53"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.517.41"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.418.4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "0.3.154.0"
          },
          {
            "_id": null,
            "model": "reader",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.1.3"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.359.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.383.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.376.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.465.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10.0.648.205"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.306.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1025"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.375.33"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.4.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.0.295.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.536.3"
          },
          {
            "_id": null,
            "model": "acrobat standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.3.4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.37586"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.538.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "7.0.519.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "6.0.472.56"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "5.0.318.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "4.1.249.1011"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "48107"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-043"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001710"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2107"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:adobe:flash_player",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary_eus",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_supplementary_long_life",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001710"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Google",
        "sources": [
          {
            "db": "BID",
            "id": "48107"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2011-2107",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2011-2107",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "VHN-50052",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2011-2107",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2011-2107",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201106-043",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-50052",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50052"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-043"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001710"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2107"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.181.22 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.22 and earlier on Android, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a \"universal cross-site scripting vulnerability.\". \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. \nThe following versions are vulnerable:\nAdobe Flash Player 10.3.181.16 and prior versions for Windows, Macintosh, Linux and Solaris operating systems\nAdobe Flash Player 10.3.185.22 and prior versions for Android\nUPDATE (June 7, 2011): The vendor indicates there may be an impact related to the \u0027Authplay.dll\u0027 component of Adobe Reader and Acrobat X 10.0.3, Reader 9.x and 10.x, and Acrobat 9.x and 10.x. We will update this BID when additional details emerge. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Important: flash-plugin security update\nAdvisory ID:       RHSA-2011:0850-01\nProduct:           Red Hat Enterprise Linux Extras\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2011-0850.html\nIssue date:        2011-06-06\nCVE Names:         CVE-2011-2107 \n=====================================================================\n\n1. Summary:\n\nAn updated Adobe Flash Player package that fixes one security issue is now \navailable for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for each \nvulnerability from the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. This \nvulnerability is detailed on the Adobe security page APSB11-13, listed in \nthe References section. (CVE-2011-2107)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 10.3.181.22\n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\n5. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nflash-plugin-10.3.181.22-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-10.3.181.22-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nflash-plugin-10.3.181.22-1.el5.i386.rpm\n\nx86_64:\nflash-plugin-10.3.181.22-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nflash-plugin-10.3.181.22-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-10.3.181.22-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nflash-plugin-10.3.181.22-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-10.3.181.22-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nflash-plugin-10.3.181.22-1.el6.i686.rpm\n\nx86_64:\nflash-plugin-10.3.181.22-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-2107.html\nhttps://access.redhat.com/security/updates/classification/#important\nhttp://www.adobe.com/support/security/bulletins/apsb11-13.html\n\n8. Contact:\n\nThe Red Hat security contact is \u0026lt;secalert@redhat.com\u0026gt;.  More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2011 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFN7OqAXlSAg2UNWIIRApgjAKCldmXlUbDzD/uUwi8XnweoaBZ00gCeIzcZ\n1XCuXnfYCW/M6oYmVu+sw+U=\n=AUfZ\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201110-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: Adobe Flash Player: Multiple vulnerabilities\n     Date: October 13, 2011\n     Bugs: #354207, #359019, #363179, #367031, #370215, #372899,\n           #378637, #384017\n       ID: 201110-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in Adobe Flash Player might allow remote\nattackers to execute arbitrary code or cause a Denial of Service. \n\nBackground\n==========\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is\ncommonly used to provide interactive websites. \n\nImpact\n======\n\nBy enticing a user to open a specially crafted SWF file a remote\nattacker could cause a Denial of Service or the execution of arbitrary\ncode with the privileges of the user running the application. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-10.3.183.10\"\n\nReferences\n==========\n\n[  1 ] APSA11-01\n       http://www.adobe.com/support/security/advisories/apsa11-01.html\n[  2 ] APSA11-02\n       http://www.adobe.com/support/security/advisories/apsa11-02.html\n[  3 ] APSB11-02\n       http://www.adobe.com/support/security/bulletins/apsb11-02.html\n[  4 ] APSB11-12\n       http://www.adobe.com/support/security/bulletins/apsb11-12.html\n[  5 ] APSB11-13\n       http://www.adobe.com/support/security/bulletins/apsb11-13.html\n[  6 ] APSB11-21\n       https://www.adobe.com/support/security/bulletins/apsb11-21.html\n[  7 ] APSB11-26\n       https://www.adobe.com/support/security/bulletins/apsb11-26.html\n[  8 ] CVE-2011-0558\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558\n[  9 ] CVE-2011-0559\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559\n[ 10 ] CVE-2011-0560\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560\n[ 11 ] CVE-2011-0561\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561\n[ 12 ] CVE-2011-0571\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571\n[ 13 ] CVE-2011-0572\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572\n[ 14 ] CVE-2011-0573\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573\n[ 15 ] CVE-2011-0574\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574\n[ 16 ] CVE-2011-0575\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575\n[ 17 ] CVE-2011-0577\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577\n[ 18 ] CVE-2011-0578\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578\n[ 19 ] CVE-2011-0579\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579\n[ 20 ] CVE-2011-0589\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 21 ] CVE-2011-0607\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607\n[ 22 ] CVE-2011-0608\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608\n[ 23 ] CVE-2011-0609\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609\n[ 24 ] CVE-2011-0611\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611\n[ 25 ] CVE-2011-0618\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618\n[ 26 ] CVE-2011-0619\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619\n[ 27 ] CVE-2011-0620\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620\n[ 28 ] CVE-2011-0621\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621\n[ 29 ] CVE-2011-0622\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622\n[ 30 ] CVE-2011-0623\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623\n[ 31 ] CVE-2011-0624\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624\n[ 32 ] CVE-2011-0625\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625\n[ 33 ] CVE-2011-0626\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626\n[ 34 ] CVE-2011-0627\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627\n[ 35 ] CVE-2011-0628\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628\n[ 36 ] CVE-2011-2107\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107\n[ 37 ] CVE-2011-2110\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110\n[ 38 ] CVE-2011-2125\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 39 ] CVE-2011-2130\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 40 ] CVE-2011-2134\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 41 ] CVE-2011-2136\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 42 ] CVE-2011-2137\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 43 ] CVE-2011-2138\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 44 ] CVE-2011-2139\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 45 ] CVE-2011-2140\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 46 ] CVE-2011-2414\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 47 ] CVE-2011-2415\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 48 ] CVE-2011-2416\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 49 ] CVE-2011-2417\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 50 ] CVE-2011-2424\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 51 ] CVE-2011-2425\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 52 ] CVE-2011-2426\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426\n[ 53 ] CVE-2011-2427\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427\n[ 54 ] CVE-2011-2428\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428\n[ 55 ] CVE-2011-2429\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429\n[ 56 ] CVE-2011-2430\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430\n[ 57 ] CVE-2011-2444\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201110-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-2107"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001710"
          },
          {
            "db": "BID",
            "id": "48107"
          },
          {
            "db": "VULHUB",
            "id": "VHN-50052"
          },
          {
            "db": "PACKETSTORM",
            "id": "102036"
          },
          {
            "db": "PACKETSTORM",
            "id": "105802"
          }
        ],
        "trust": 2.16
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-50052",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50052"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2011-2107",
            "trust": 3.0
          },
          {
            "db": "SECUNIA",
            "id": "44846",
            "trust": 2.5
          },
          {
            "db": "BID",
            "id": "48107",
            "trust": 2.2
          },
          {
            "db": "SECTRACK",
            "id": "1025603",
            "trust": 1.9
          },
          {
            "db": "SECUNIA",
            "id": "44847",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "44872",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "44871",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "44946",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "48308",
            "trust": 1.1
          },
          {
            "db": "SECTRACK",
            "id": "1025658",
            "trust": 1.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001710",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-043",
            "trust": 0.7
          },
          {
            "db": "NSFOCUS",
            "id": "16910",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "102036",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-50052",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "105802",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50052"
          },
          {
            "db": "BID",
            "id": "48107"
          },
          {
            "db": "PACKETSTORM",
            "id": "102036"
          },
          {
            "db": "PACKETSTORM",
            "id": "105802"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-043"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001710"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2107"
          }
        ]
      },
      "id": "VAR-201106-0026",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50052"
          }
        ],
        "trust": 0.6574074
      },
      "last_update_date": "2026-04-10T22:45:39.086000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "APSB11-13",
            "trust": 0.8,
            "url": "http://www.adobe.com/support/security/bulletins/apsb11-13.html"
          },
          {
            "title": "APSB11-13 (cpsid_90656)",
            "trust": 0.8,
            "url": "http://kb2.adobe.com/jp/cps/906/cpsid_90656.html"
          },
          {
            "title": "APSB11-13",
            "trust": 0.8,
            "url": "http://www.adobe.com/jp/support/security/bulletins/apsb11-13.html"
          },
          {
            "title": "RHSA-2011:0850",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2011-0850.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001710"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50052"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001710"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2107"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.5,
            "url": "http://secunia.com/advisories/44846"
          },
          {
            "trust": 2.2,
            "url": "http://www.adobe.com/support/security/bulletins/apsb11-13.html"
          },
          {
            "trust": 1.9,
            "url": "http://www.securityfocus.com/bid/48107"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/44847"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/44871"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/44872"
          },
          {
            "trust": 1.4,
            "url": "http://googlechromereleases.blogspot.com/2011/06/stable-channel-update.html"
          },
          {
            "trust": 1.4,
            "url": "http://www.blackberry.com/btsc/kb27240"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a13762"
          },
          {
            "trust": 1.1,
            "url": "http://www.redhat.com/support/errata/rhsa-2011-0850.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1025603"
          },
          {
            "trust": 1.1,
            "url": "http://www.securitytracker.com/id?1025658"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/44946"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/48308"
          },
          {
            "trust": 1.1,
            "url": "https://hermes.opensuse.org/messages/8704566"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67838"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2107"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2107"
          },
          {
            "trust": 0.8,
            "url": "http://www.securitytracker.com/id/1025603"
          },
          {
            "trust": 0.8,
            "url": "http://www.npa.go.jp/cyberpolice/#topics"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/16910"
          },
          {
            "trust": 0.3,
            "url": "http://www.adobe.com"
          },
          {
            "trust": 0.3,
            "url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer"
          },
          {
            "trust": 0.3,
            "url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer2"
          },
          {
            "trust": 0.3,
            "url": "http://www.xerox.com/download/security/security-bulletin/1284333-14afb-4baadb5bccb00/cert_xrx12-002_v1.1.pdf"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.1,
            "url": "https://rhn.redhat.com/errata/rhsa-2011-0850.html"
          },
          {
            "trust": 0.1,
            "url": "http://kbase.redhat.com/faq/docs/doc-11259"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/key/#package"
          },
          {
            "trust": 0.1,
            "url": "http://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2107.html"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#important"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2107"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0579"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0624"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0627"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0622"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0626"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0608"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0574"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0625"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0575"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0558"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0572"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2444"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0607"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0623"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0560"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0620"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0621"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0560"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0609"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0624"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0626"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2107"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
          },
          {
            "trust": 0.1,
            "url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2429"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2110"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0628"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0574"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0573"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0575"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0571"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0559"
          },
          {
            "trust": 0.1,
            "url": "https://www.adobe.com/support/security/bulletins/apsb11-21.html"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2426"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0620"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0579"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0578"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0611"
          },
          {
            "trust": 0.1,
            "url": "http://www.adobe.com/support/security/bulletins/apsb11-12.html"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0573"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0561"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0572"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0618"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0619"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0561"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0558"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0578"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0623"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0621"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0577"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0609"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0627"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2428"
          },
          {
            "trust": 0.1,
            "url": "http://www.adobe.com/support/security/advisories/apsa11-02.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0619"
          },
          {
            "trust": 0.1,
            "url": "https://www.adobe.com/support/security/bulletins/apsb11-26.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0628"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0607"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2430"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2427"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-201110-11.xml"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0559"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0625"
          },
          {
            "trust": 0.1,
            "url": "http://www.adobe.com/support/security/advisories/apsa11-01.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0608"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0571"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0622"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0611"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0618"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0577"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50052"
          },
          {
            "db": "BID",
            "id": "48107"
          },
          {
            "db": "PACKETSTORM",
            "id": "102036"
          },
          {
            "db": "PACKETSTORM",
            "id": "105802"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-043"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001710"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2107"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-50052",
            "ident": null
          },
          {
            "db": "BID",
            "id": "48107",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "102036",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "105802",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-043",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001710",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2107",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2011-06-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-50052",
            "ident": null
          },
          {
            "date": "2011-06-05T00:00:00",
            "db": "BID",
            "id": "48107",
            "ident": null
          },
          {
            "date": "2011-06-07T01:41:09",
            "db": "PACKETSTORM",
            "id": "102036",
            "ident": null
          },
          {
            "date": "2011-10-14T06:16:06",
            "db": "PACKETSTORM",
            "id": "105802",
            "ident": null
          },
          {
            "date": "2011-06-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201106-043",
            "ident": null
          },
          {
            "date": "2011-06-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-001710",
            "ident": null
          },
          {
            "date": "2011-06-09T02:38:36.213000",
            "db": "NVD",
            "id": "CVE-2011-2107",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2018-10-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-50052",
            "ident": null
          },
          {
            "date": "2015-03-19T09:10:00",
            "db": "BID",
            "id": "48107",
            "ident": null
          },
          {
            "date": "2011-06-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201106-043",
            "ident": null
          },
          {
            "date": "2011-06-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-001710",
            "ident": null
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2011-2107",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "105802"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-043"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "_id": null,
        "data": "Adobe Flash Player Vulnerable to cross-site scripting",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001710"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "XSS",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-043"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201006-0260

    Vulnerability from variot - Updated: 2026-04-10 22:45

    Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. The 'libpng' library is prone to multiple vulnerabilities. Successful exploits may allow remote attackers to cause denial-of-service conditions or potentially execute arbitrary code on computers running the affected library. These issues affect versions prior to 'libpng' 1.4.3 and 1.2.44.

    Background

    libpng is a standard library used to process PNG (Portable Network Graphics) images. It is used by several programs, including web browsers and potentially server processes.

    Affected packages

    -------------------------------------------------------------------
     Package            /  Vulnerable  /                    Unaffected
    -------------------------------------------------------------------
    

    1 media-libs/libpng < 1.4.3 >= 1.4.3

    Description

    Multiple vulnerabilities were found in libpng:

    • The png_decompress_chunk() function in pngrutil.c does not properly handle certain type of compressed data (CVE-2010-0205)

    • A buffer overflow in pngread.c when using progressive applications (CVE-2010-1205)

    • A memory leak in pngrutil.c when dealing with a certain type of chunks (CVE-2010-2249)

    Impact

    An attacker could exploit these vulnerabilities to cause programs linked against the library to crash or execute arbitrary code with the permissions of the user running the vulnerable program, which could be the root user.

    Workaround

    There is no known workaround at this time.

    Resolution

    All libpng users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=media-libs/libpng-1.4.3"
    

    References

    [ 1 ] CVE-2010-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205 [ 2 ] CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 [ 3 ] CVE-2010-2249 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201010-01.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    .

    For the testing (squeeze) and unstable (sid) distribution, these problems have been fixed in version 1.2.44-1

    We recommend that you upgrade your libpng package.

    Upgrade instructions


    wget url will fetch the file for you dpkg -i file.deb will install the referenced file.

    If you are using the apt-get package manager, use the line for sources.list as given below:

    apt-get update will update the internal database apt-get upgrade will install corrected packages

    You may use an automated update by adding the resources from the footer to the proper configuration.

    Debian GNU/Linux 5.0 alias lenny


    Debian (stable)


    Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

    Source archives:

    http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.dsc Size/MD5 checksum: 1201 518a1f5c30a115dcb732e7499a2cef96 http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz Size/MD5 checksum: 783204 13a0de401db1972a8e68f47d5bdadd13 http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.diff.gz Size/MD5 checksum: 21437 43e68a174233314cf49bb204abdd29b6

    Architecture independent packages:

    http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny4_all.deb Size/MD5 checksum: 886 94643952b104a6f231ed7d710e2ae95d

    alpha architecture (DEC Alpha)

    http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_alpha.deb Size/MD5 checksum: 182808 27b109278c41f9354d529ce0cfa2fe70 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_alpha.deb Size/MD5 checksum: 287316 b05d9032dca244cfbb1773e17eb8fbf3 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_alpha.udeb Size/MD5 checksum: 86558 2082c8b1458c53860b8243c184909d99

    amd64 architecture (AMD x86_64 (AMD64))

    http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_amd64.udeb Size/MD5 checksum: 71944 a3992e7b18a2897879863fbf70f3e44f http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_amd64.deb Size/MD5 checksum: 167620 b654901994d4666d2918869ef59aef38 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_amd64.deb Size/MD5 checksum: 254780 dfb0d24bf329b004ccea98b3a94186be

    arm architecture (ARM)

    http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_arm.udeb Size/MD5 checksum: 64570 f8b22165ed7daf5c40ecff5e03b7c724 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_arm.deb Size/MD5 checksum: 159684 b64a7d362ef23b72d4af94bd48c89e33 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_arm.deb Size/MD5 checksum: 245526 a55f8943e244796a2dbf4b244673d9ab

    armel architecture (ARM EABI)

    http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_armel.udeb Size/MD5 checksum: 67034 4d6f0fbce281723de483067ae4226f18 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_armel.deb Size/MD5 checksum: 162570 fb1927ecf7521ce2de4c3c2d3d9ba679 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_armel.deb Size/MD5 checksum: 245964 38148590fd5c421c6e7649767ce23556

    hppa architecture (HP PA RISC)

    http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_hppa.deb Size/MD5 checksum: 170090 1a9ad8514fb3dd6111090f321553452b http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_hppa.deb Size/MD5 checksum: 260414 b1ada2a28da472703f953547dc2947e2 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_hppa.udeb Size/MD5 checksum: 73894 eb6714f86f8085811a3dc1a1218a75a3

    i386 architecture (Intel ia32)

    http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_i386.deb Size/MD5 checksum: 245468 8b6e9b5424a8991c05734f90b00182a2 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_i386.deb Size/MD5 checksum: 166290 70c41d2feb2aff02be6154cea7cec1f4 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_i386.udeb Size/MD5 checksum: 70118 e7c845ff2e87dc1dc2849ecac4428aa4

    ia64 architecture (Intel ia64)

    http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_ia64.udeb Size/MD5 checksum: 111752 9b3c6f30c1d59df47d8f1736cffb5f74 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_ia64.deb Size/MD5 checksum: 207554 ca076c99f9d64729eab9a58632ab2b9e http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_ia64.deb Size/MD5 checksum: 305536 0446686bb25783804121efced246e59d

    mips architecture (MIPS (Big Endian))

    http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mips.deb Size/MD5 checksum: 164086 e615a6007aa89ccd38a1afc482c6c51e http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mips.udeb Size/MD5 checksum: 68180 beec6961eba764cd9186f4ba1e116949 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mips.deb Size/MD5 checksum: 262216 937b2f2c26200b4a53f0bd8293b80af3

    mipsel architecture (MIPS (Little Endian))

    http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mipsel.udeb Size/MD5 checksum: 68464 c0e4a6cf4cbb2d6cda04ae5c0c572dd5 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mipsel.deb Size/MD5 checksum: 164312 48ec081a3f25a7863fe689a212d37b07 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mipsel.deb Size/MD5 checksum: 262482 560287e9b0c79a7d51ff4fd37e0a8da4

    powerpc architecture (PowerPC)

    http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_powerpc.deb Size/MD5 checksum: 253154 caa93c1b0d9460d93d7b81241dcd25fb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_powerpc.udeb Size/MD5 checksum: 70748 59534d8fcb740fdfd681a173a85d72fe http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_powerpc.deb Size/MD5 checksum: 166354 3d521ce5930a7707bb3afc61f7c48ccc

    s390 architecture (IBM S/390)

    http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_s390.udeb Size/MD5 checksum: 73500 bceb1dab986adc60adde49c6bb267e7d http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_s390.deb Size/MD5 checksum: 253036 85ebb3e8ac1749f20e0c45f489f348a6 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_s390.deb Size/MD5 checksum: 169330 aa9808b63b2301f8be657a3c2d6797d2

    sparc architecture (Sun SPARC/UltraSPARC)

    http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_sparc.deb Size/MD5 checksum: 161688 5f12a2df5cea9e05bdad35a18e07f864 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_sparc.udeb Size/MD5 checksum: 66084 bc6933daf2143bcc3f3b8c96e7bc29bb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_sparc.deb Size/MD5 checksum: 247360 ad0ae85eb3806d0263b985139c3c54ed

    These files will probably be moved into the stable distribution on its next update. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


                   VMware Security Advisory
    

    Advisory ID: VMSA-2010-0014 Synopsis: VMware Workstation, Player, and ACE address several security issues. Issue date: 2010-09-23 Updated on: 2010-09-23 (initial release of advisory) CVE numbers: CVE-2010-3277 CVE-2010-1205 CVE-2010-0205 CVE-2010-2249 CVE-2010-0434 CVE-2010-0425


    1. Summary

    VMware Workstation and Player address a potential installer security issue and security issues in libpng. VMware ACE Management Server (AMS) for Windows updates Apache httpd.

    1. Relevant releases

    VMware Workstation 7.1.1 and earlier, VMware Player 3.1.1 and earlier, VMware ACE Management Server 2.7.1 and earlier,

    Note: VMware Server was declared End Of Availability on January 2010, support will be limited to Technical Guidance for the duration of the support term.

    1. Problem Description

    a. VMware Workstation and Player installer security issue

    The Workstation 7.x and Player 3.x installers will load an index.htm
    file located in the current working directory on which Workstation
    7.x or Player 3.x is being installed. This may allow an attacker to
    display a malicious file if they manage to get their file onto the
    system prior to installation.
    
    The issue can only be exploited at the time that Workstation 7.x or
    Player 3.x is being installed. Installed versions of Workstation and
    Player are not affected. The security issue is no longer present in
    the installer of the new versions of Workstation 7.x and Player 3.x
    (see table below for the version numbers).
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the name CVE-2010-3277 to this issue.
    
    VMware would like to thank Alexander Trofimov and Marc Esher for
    independently reporting this issue to VMware.
    
    The following table lists what action remediates the vulnerability
    (column 4) if a solution is available.
    
    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    VirtualCenter  any       Windows  not affected
    
    Workstation    7.x       any      7.1.2 build 301548 or later *
    Workstation    6.5.x     any      not affected
    
    Player         3.x       any      3.1.2 build 301548 or later *
    Player         2.5.x     any      not affected
    
    AMS            any       any      not affected
    
    Server         any       any      not affected
    
    Fusion         any       Mac OS/X not affected
    
    ESXi           any       ESXi     not affected
    
    ESX            any       ESX      not affected
    
    • Note: This only affects the installer, if you have a version of Workstation or Player installed you are not vulnerable.

    b. Third party libpng updated to version 1.2.44

    A buffer overflow condition in libpng is addressed that could
    potentially lead to code execution with the privileges of the
    application using libpng. Two potential denial of service issues
    are also addressed in the update.
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the names CVE-2010-1205, CVE-2010-0205, CVE-2010-2249
    to these issues.
    
    The following table lists what action remediates the vulnerability
    (column 4) if a solution is available.
    
    
    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    VirtualCenter  any       Windows  not affected
    
    Workstation    7.1.x     any      7.1.2 build 301548 or later
    Workstation    6.5.x     any      affected, patch pending
    
    Player         3.1.x     any      3.1.2 build 301548 or later
    Player         2.5.x     any      affected, patch pending
    
    AMS            any       any      not affected
    
    Server         any       any      affected, no patch planned
    
    Fusion         any       Mac OS/X not affected
    
    ESXi           any       ESXi     not affected
    
    ESX            any       ESX      not affected
    

    c. VMware ACE Management Server (AMS) for Windows updates Apache httpd version 2.2.15.

    A function in Apache HTTP Server when multithreaded MPM is used
    does not properly handle headers in subrequests in certain
    circumstances which may allow remote attackers to obtain sensitive
    information via a crafted request that triggers access to memory
    locations associated with an earlier request.
    
    The Apache mod_isapi module can be forced to unload a specific
    library before the processing of a request is complete, resulting
    in memory corruption.
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the names CVE-2010-0434 and CVE-2010-0425 to the
    issues addressed in this update.
    
    Column 4 of the following table lists the action required to
    remediate the vulnerability in each release, if a solution is
    available.
    
    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    VirtualCenter  any       Windows  not affected
    
    Workstation    any       any      not affected
    
    Player         any       any      not affected
    
    AMS            any       Windows  2.7.2 build 301548 or later
    AMS            any       Linux    affected, patch pending *
    
    Server         any       any      not affected
    
    Fusion         any       Mac OS/X not affected
    
    ESXi           any       ESXi     not affected
    
    ESX            any       ESX      not affected
    
    • Note CVE-2010-0425 is not applicable to AMS running on Linux

    • Solution Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.

    VMware Workstation 7.1.2


    http://www.vmware.com/download/ws/ Release notes: http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html

    Workstation for Windows 32-bit and 64-bit with VMware Tools
    md5sum: 2e9715ec297dc3ca904ad2707d3e2614 sha1sum: 55b2b99f67c3dacd402fb9880999086efd264e7a

    Workstation for Windows 32-bit and 64-bit without VMware Tools
    md5sum: 066929f59aef46f11f4d9fd6c6b36e4d sha1sum: def776a28ee1a21b1ad26e836ae868551fff6fc3

    VMware Player 3.1.2


    http://www.vmware.com/download/player/ Release notes:

    http://downloads.vmware.com/support/player31/doc/releasenotes_player312.html

    VMware Player for Windows 32-bit and 64-bit
    md5sum: 3f289cb33af5e425c92d8512fb22a7ba sha1sum: bf67240c1f410ebeb8dcb4f6d7371334bf9a6b70

    VMware Player for Linux 32-bit
    md5sum: 11e3e3e8753e1d9abbbb92c4e3c1dfe8 sha1sum: dd1dbcdb1f4654eefc11472b68934dcb69842749

    VMware Player for Linux 64-bit
    md5sum: 2ab08e0d4050719845a64d334ca15bb1 sha1sum: f024ad84ec831fce8667dfa9601851da5d9fa59c

    VMware ACE Management Server 2.7.2


    http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7 Release notes: http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html

    ACE Management Server for Windows
    md5sum: 02f0072b8e48a98ed914b633f070d550 sha1sum: 94a68eac4a328d21a741879b9d063227c0dc1ce4

    1. References

    CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3277 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425


    1. Change log

    2010-09-23 VMSA-2010-0014 Initial security advisory after release of Workstation 7.1.2, Player 3.1.2 and ACE Management Server 2.7.2 on 2010-09-23


    1. Contact

    E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

    This Security Advisory is posted to the following lists:

    • security-announce at lists.vmware.com
    • bugtraq at securityfocus.com
    • full-disclosure at lists.grok.org.uk

    E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055

    VMware Security Center http://www.vmware.com/security

    VMware Security Advisories http://www.vmware.com/security/advisoiries

    VMware security response policy http://www.vmware.com/support/policies/security_response.html

    General support life cycle policy http://www.vmware.com/support/policies/eos.html

    VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html

    Copyright 2010 VMware Inc. All rights reserved.

    -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32)

    iEYEARECAAYFAkycSrQACgkQS2KysvBH1xmT9wCfbBUS4GYrJohz+QMLYcoiFmSh eTgAoIAmx+ilbe2myj02daLjFrVQfQII =5jlh -----END PGP SIGNATURE----- . =========================================================== Ubuntu Security Notice USN-960-1 July 08, 2010 libpng vulnerabilities CVE-2010-1205, CVE-2010-2249 ===========================================================

    A security issue affects the following Ubuntu releases:

    Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 9.04 Ubuntu 9.10 Ubuntu 10.04 LTS

    This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

    The problem can be corrected by upgrading your system to the following package versions:

    Ubuntu 6.06 LTS: libpng12-0 1.2.8rel-5ubuntu0.6

    Ubuntu 8.04 LTS: libpng12-0 1.2.15~beta5-3ubuntu0.3

    Ubuntu 9.04: libpng12-0 1.2.27-2ubuntu2.2

    Ubuntu 9.10: libpng12-0 1.2.37-1ubuntu0.2

    Ubuntu 10.04 LTS: libpng12-0 1.2.42-1ubuntu2.1

    After a standard system update you need to reboot your computer to make all the necessary changes.

    Details follow:

    It was discovered that libpng did not properly handle certain malformed PNG images. If a user or automated system were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1205)

    It was discovered that libpng did not properly handle certain malformed PNG images. If a user or automated system were tricked into processing a crafted PNG image, an attacker could possibly use this flaw to consume all available resources, resulting in a denial of service. (CVE-2010-2249)

    Updated packages for Ubuntu 6.06 LTS:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.diff.gz
      Size/MD5:    24044 8979ca6b113137fe5ee051c1c70571eb
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.dsc
      Size/MD5:      661 92722fa973e92a99f982fe05b5826adf
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz
      Size/MD5:   510681 cac1512878fb98f2456df6dc50bc9bc7
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.6_all.deb
      Size/MD5:      842 dcbc7d24c8426e3b3024859ec157f57e
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_amd64.deb
      Size/MD5:   114528 aea355e99e67b76c9464f8cc49b3560d
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_amd64.deb
      Size/MD5:   247576 f0e52e10a663f9b1b04d9371d4a2cf14
    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_amd64.udeb
      Size/MD5:    69504 6536e83152b2cf00d0d961b9b095c2d5
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_i386.deb
      Size/MD5:   112048 b8f85cc6154602422a8841a5cad1a4a1
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_i386.deb
      Size/MD5:   239628 fb6f6e62a9fa6114c50946c74cb2ed5d
    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_i386.udeb
      Size/MD5:    66946 501acb21d567d62608904e4272ff842d
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_powerpc.deb
      Size/MD5:   111648 19cccb12fb968f40f04068b9da24f589
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_powerpc.deb
      Size/MD5:   245230 ebdbfc860056170b7a165479d7905bb3
    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_powerpc.udeb
      Size/MD5:    66458 24e918a95770150b4df72530bd6de095
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_sparc.deb
      Size/MD5:   109156 510d17affd2c0cf3f5dce5379df57d49
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_sparc.deb
      Size/MD5:   240072 1ff11e0649a58bc7b809c86941aaafd7
    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_sparc.udeb
      Size/MD5:    63882 d7df02c540e66a536cbffca5d02645d5
    

    Updated packages for Ubuntu 8.04 LTS:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.diff.gz
      Size/MD5:    22755 f5c0ba19b04eba8264ebb6b30c5617d6
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.dsc
      Size/MD5:      832 d08a82b28411baa0184d3b8231fd8b61
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz
      Size/MD5:   829038 77ca14fcee1f1f4daaaa28123bd0b22d
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.15~beta5-3ubuntu0.3_all.deb
      Size/MD5:      940 7344fa4e61880636b014525f6e6482a1
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_amd64.deb
      Size/MD5:   190186 01f82b2b967c5212e834dd57c12c1a7c
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_amd64.deb
      Size/MD5:   179752 c26e243dd21f5dd10b478c0415215c1c
    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_amd64.udeb
      Size/MD5:    70534 5f7628d9b644ae953c515d18f7de9980
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_i386.deb
      Size/MD5:   188782 51354007cca0796218e3aaeba6142c41
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_i386.deb
      Size/MD5:   171216 b7a092ef2f5955b380adc015bfae6c81
    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_i386.udeb
      Size/MD5:    69082 7612cd438ddfaab236de5f342f709b66
    

    lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_lpia.deb
      Size/MD5:   189664 4825baf36c5d14b5066d548aaf050866
    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_lpia.deb
      Size/MD5:   172962 b16b496d6553fbf28523147617011b95
    http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_lpia.udeb
      Size/MD5:    70020 61f5d75c4435333ef586677a07d49915
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_powerpc.deb
      Size/MD5:   190300 8ac6e4c1efb73de848d5bc5457093e7a
    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_powerpc.deb
      Size/MD5:   179166 d92637edf805d7d673a4440b2605dc57
    http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_powerpc.udeb
      Size/MD5:    70604 adf25dd26d85725ab3c74c4a80a7a541
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_sparc.deb
      Size/MD5:   185622 ef3cf5486afe387d09bf05106893b371
    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_sparc.deb
      Size/MD5:   173422 4b2f3476b423a3c5c31ee0738bfb4458
    http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_sparc.udeb
      Size/MD5:    65928 ab5ac0b24d618dc432d1763a0e50ebda
    

    Updated packages for Ubuntu 9.04:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.diff.gz
      Size/MD5:   176459 b2f27af9534f3c5b9a120680cd41ce7c
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.dsc
      Size/MD5:     1296 b66efe2157ab6f3dad6e57b4fe9dbf13
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz
      Size/MD5:   783204 13a0de401db1972a8e68f47d5bdadd13
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-2ubuntu2.2_all.deb
      Size/MD5:      932 1c66e49e2b875fa40c5556c19d076508
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_amd64.udeb
      Size/MD5:    72852 a1bbcffd25c3ec87cbdf86be154962fc
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_amd64.deb
      Size/MD5:   168576 9f40f2846c21aa5835f53ab6895ec5cf
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_amd64.deb
      Size/MD5:   255784 d9060ad287e40ded1848b79284abbcc0
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_i386.udeb
      Size/MD5:    71102 c18134055d747d066b60218b69e99d45
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_i386.deb
      Size/MD5:   166904 e8151a3f79f0fff6d98bbb0675621594
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_i386.deb
      Size/MD5:   247922 ae8412d1c420f1dd63cb436382cad51f
    

    lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_lpia.udeb
      Size/MD5:    71488 5179307ffe74c10515e61503e647606f
    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_lpia.deb
      Size/MD5:   167370 dd07d7a09484eb7711da5cd874099abe
    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_lpia.deb
      Size/MD5:   248872 a34333b123f4d12e7872868111942cbd
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_powerpc.udeb
      Size/MD5:    71674 f742f2771d94ca29746906c1177d657d
    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_powerpc.deb
      Size/MD5:   167514 478378fde5c7fd14fbffa1be072aa21c
    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_powerpc.deb
      Size/MD5:   254642 ba3f255f4346a4483c5410d55acaac65
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_sparc.udeb
      Size/MD5:    66670 ee067298bc51471f06bcf1a74b557310
    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_sparc.deb
      Size/MD5:   162336 ab167dcdbbd930a3d976af0ad57cbac2
    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_sparc.deb
      Size/MD5:   248428 8b96f4ff4f0ad8e366ed4475d3890948
    

    Updated packages for Ubuntu 9.10:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.diff.gz
      Size/MD5:    20129 f230ec37944a0150ffc83cfdddc7c906
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.dsc
      Size/MD5:     1293 fce0b2fd543aeff27d47fb91f12af053
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37.orig.tar.gz
      Size/MD5:   805380 7480dbbf9f6c3297faf6fe52ec9b91ab
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.37-1ubuntu0.2_all.deb
      Size/MD5:      932 cee669d58ac9660e1fe71cf9e2eeda9d
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_amd64.udeb
      Size/MD5:    73938 15bb328beed6ab3287967c54e4177018
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_amd64.deb
      Size/MD5:   175088 f003cc7565826cfcc337ab409ffc6e8f
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_amd64.deb
      Size/MD5:   265400 2d26dc0e9ddb6c2010776fbbcb82d791
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_i386.udeb
      Size/MD5:    70444 a80af68dda6ff1aa3168040d33600e64
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_i386.deb
      Size/MD5:   171594 3fca9df961cc3616b75f6518ab870a68
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_i386.deb
      Size/MD5:   255474 1ab05dffaa25e1d9190d0ea872b0fbd8
    

    lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_lpia.udeb
      Size/MD5:    71066 0495b247d489438259937bee1f17761f
    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_lpia.deb
      Size/MD5:   172296 730fd7a16f9496e37ffee99ea68d15a6
    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_lpia.deb
      Size/MD5:   257350 fff93fe6a558aef20e20b8b8f15227e7
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_powerpc.udeb
      Size/MD5:    72524 8e92aaedc8e6fabafed81cca60a833e9
    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_powerpc.deb
      Size/MD5:   173720 055336debc8a5b9ff92e6cae9998ac94
    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_powerpc.deb
      Size/MD5:   264674 dbd6ca8bcdcf241c0629b7b27e0e1e5d
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_sparc.udeb
      Size/MD5:    67348 44b9c2989661e116d78b809a8657a5c8
    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_sparc.deb
      Size/MD5:   168516 b98b4872db6f90caf0f43da67197dec0
    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_sparc.deb
      Size/MD5:   257634 eb673ad114284bbd9be37e1c322e1bfb
    

    Updated packages for Ubuntu 10.04:

    Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.debian.tar.bz2
      Size/MD5:    19511 ac49d7354c1ab87a91dbad607733629f
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.dsc
      Size/MD5:     1299 dae31f78418d5db8c3476d7562859658
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42.orig.tar.bz2
      Size/MD5:   670811 9a5cbe9798927fdf528f3186a8840ebe
    

    Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.42-1ubuntu2.1_all.deb
      Size/MD5:      926 602d7036448637b45c1eacbc31e05640
    

    amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_amd64.udeb
      Size/MD5:    74124 82cc493f2b3d80b10ccf3f9fa2ec4ff6
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_amd64.deb
      Size/MD5:   180006 3b5339fe77bcdae97bb2a318496a192e
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_amd64.deb
      Size/MD5:   271858 ae0c6a1e973dad2b0a0685fd863c096d
    

    i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_i386.udeb
      Size/MD5:    70692 b264bdd0086f3451e42df7f840ab894a
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_i386.deb
      Size/MD5:   176510 03c3d70135e907f21b2342972d8a9b40
    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_i386.deb
      Size/MD5:   261728 955b40272944dd988ee39b62d8c6606c
    

    powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_powerpc.udeb
      Size/MD5:    73380 ad2cda1c89c55c473121da33a40294f6
    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_powerpc.deb
      Size/MD5:   179272 b6623c3dcdc841a762308f889c8b478e
    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_powerpc.deb
      Size/MD5:   271898 fcccfdb0eb4bc3a3470a83888f8bae28
    

    sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_sparc.udeb
      Size/MD5:    69258 ec2047ed5079933d6dbeb841a0207c59
    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_sparc.deb
      Size/MD5:   175214 142020dfd126d2335bc93bad6a714799
    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_sparc.deb
      Size/MD5:   265174 06843a4a028c5533e89d5562cbeb2047
    

    . Latest xulrunner and mozilla-thunderbird has been patched as a precaution for 2008.0 wheres on 2009.0 and up the the system libpng library is used instead of the bundled copy. htmldoc, xulrunner and mozilla-thunderbird packages is therefore also being provided with this advisory.

    Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490

    The updated packages have been patched to correct these issues.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6218 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249


    Updated Packages:

    Mandriva Linux 2008.0: 4e91a2a256c61f52dffd4fb625e20cf8 2008.0/i586/htmldoc-1.8.27-1.2mdv2008.0.i586.rpm 71553205b1e31d2891667d2eab7aca14 2008.0/i586/htmldoc-nogui-1.8.27-1.2mdv2008.0.i586.rpm 75b6d3f905d7e94154902f81e4728963 2008.0/i586/libpng3-1.2.22-0.5mdv2008.0.i586.rpm fa0c81f2b544f65455a0e0420d9a0e56 2008.0/i586/libpng-devel-1.2.22-0.5mdv2008.0.i586.rpm d4d06a12fd8ee88295877e127757c64b 2008.0/i586/libpng-source-1.2.22-0.5mdv2008.0.i586.rpm 6687d56f95702f0e5786c885ab79c6a9 2008.0/i586/libpng-static-devel-1.2.22-0.5mdv2008.0.i586.rpm 546c18ed8ccf044a45dff3a8cd5ac5b7 2008.0/i586/libxulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.i586.rpm b428e1202d95d588fb3248c2b2fe8b2f 2008.0/i586/libxulrunner-devel-1.9.2.6-0.2mdv2008.0.i586.rpm b9541da4417ea1150c493aea591509bb 2008.0/i586/mozilla-thunderbird-3.0.5-0.2mdv2008.0.i586.rpm 3389caeeda8b8f272d0e5ed070f075b8 2008.0/i586/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.i586.rpm 901abb46652fbc19c8e655895181a949 2008.0/i586/nsinstall-3.0.5-0.2mdv2008.0.i586.rpm ad221cd523bff8f4a59037aa05e1442b 2008.0/i586/xulrunner-1.9.2.6-0.2mdv2008.0.i586.rpm d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm

    Mandriva Linux 2008.0/X86_64: 8b2eff5dd89f4ed7e3f120bbc31afa34 2008.0/x86_64/htmldoc-1.8.27-1.2mdv2008.0.x86_64.rpm 15460a7bce68e95d03a87eb14066728b 2008.0/x86_64/htmldoc-nogui-1.8.27-1.2mdv2008.0.x86_64.rpm c7577072f7ab2786a97d7df732b4299a 2008.0/x86_64/lib64png3-1.2.22-0.5mdv2008.0.x86_64.rpm fae36a86aa019cf0fcbcf0d15c508208 2008.0/x86_64/lib64png-devel-1.2.22-0.5mdv2008.0.x86_64.rpm 141ec56a2395ed150acc997eac851429 2008.0/x86_64/lib64png-static-devel-1.2.22-0.5mdv2008.0.x86_64.rpm a29c11e39685931084a085f5716afd5c 2008.0/x86_64/lib64xulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.x86_64.rpm 3a846b86c758be68420ef05e44cfe717 2008.0/x86_64/lib64xulrunner-devel-1.9.2.6-0.2mdv2008.0.x86_64.rpm 084f3b3d7c68806c7acfc7f3be701f0b 2008.0/x86_64/libpng-source-1.2.22-0.5mdv2008.0.x86_64.rpm c45f7479d93714c46d14f4ae2a5b76bd 2008.0/x86_64/mozilla-thunderbird-3.0.5-0.2mdv2008.0.x86_64.rpm 996e7a6a98997883236b08f6ec5816fa 2008.0/x86_64/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.x86_64.rpm ecfdba6225b837a7a03c2ddf0d77d07f 2008.0/x86_64/nsinstall-3.0.5-0.2mdv2008.0.x86_64.rpm 394d8e8458e503ed10db7c7b7f742c2b 2008.0/x86_64/xulrunner-1.9.2.6-0.2mdv2008.0.x86_64.rpm d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm

    Mandriva Linux 2009.0: 28b355727c0ef89be1955a18a8c4a1cf 2009.0/i586/libpng3-1.2.31-2.3mdv2009.0.i586.rpm bf33a24dc5144d0c2362e5c7432f9434 2009.0/i586/libpng-devel-1.2.31-2.3mdv2009.0.i586.rpm e331263b8ac75ddad94f6d9d06d9c802 2009.0/i586/libpng-source-1.2.31-2.3mdv2009.0.i586.rpm 921c4ed0268fcb932f52d299ea74a28c 2009.0/i586/libpng-static-devel-1.2.31-2.3mdv2009.0.i586.rpm c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm

    Mandriva Linux 2009.0/X86_64: a20b2965684ddb18b2818d618927bb9a 2009.0/x86_64/lib64png3-1.2.31-2.3mdv2009.0.x86_64.rpm df3bbf6f7e959aea3f6065c83ece5321 2009.0/x86_64/lib64png-devel-1.2.31-2.3mdv2009.0.x86_64.rpm 3c8e3469239f93a70ccbcf56ba55cfb6 2009.0/x86_64/lib64png-static-devel-1.2.31-2.3mdv2009.0.x86_64.rpm 740cd4b4cf0d39dd03a26f0b821cfee4 2009.0/x86_64/libpng-source-1.2.31-2.3mdv2009.0.x86_64.rpm c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm

    Mandriva Linux 2009.1: 127a1c180703d9c89f5f968d7262c469 2009.1/i586/libpng3-1.2.35-1.2mdv2009.1.i586.rpm 3bbf13f800dcbb5f4ab45ffe898f96ce 2009.1/i586/libpng-devel-1.2.35-1.2mdv2009.1.i586.rpm 2e369ee2602705f601d23a977c82ae8a 2009.1/i586/libpng-source-1.2.35-1.2mdv2009.1.i586.rpm 5784917823e881a4aa997276528bfabe 2009.1/i586/libpng-static-devel-1.2.35-1.2mdv2009.1.i586.rpm 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm

    Mandriva Linux 2009.1/X86_64: d6032db330f8b8b40af48b29fc6d3730 2009.1/x86_64/lib64png3-1.2.35-1.2mdv2009.1.x86_64.rpm 4aac775bc389d382f184d912ef50b0be 2009.1/x86_64/lib64png-devel-1.2.35-1.2mdv2009.1.x86_64.rpm fb792b3d38cf769590a2dde6ee74c755 2009.1/x86_64/lib64png-static-devel-1.2.35-1.2mdv2009.1.x86_64.rpm 0dfcb358ed06fe83e9621e06189aa8f9 2009.1/x86_64/libpng-source-1.2.35-1.2mdv2009.1.x86_64.rpm 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm

    Mandriva Linux 2010.0: 76ba7b51c3eda624850a8288bd182afa 2010.0/i586/libpng3-1.2.40-1.2mdv2010.0.i586.rpm 7a936f6a94f33f0e7ffc991ff7b4ed7f 2010.0/i586/libpng-devel-1.2.40-1.2mdv2010.0.i586.rpm abd9ee162933e3208918d3190c76c0af 2010.0/i586/libpng-source-1.2.40-1.2mdv2010.0.i586.rpm bae7010f8e07568c1a9b42e20e7ddebf 2010.0/i586/libpng-static-devel-1.2.40-1.2mdv2010.0.i586.rpm cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm

    Mandriva Linux 2010.0/X86_64: 499b5e2707d19becfdab415a8008b122 2010.0/x86_64/lib64png3-1.2.40-1.2mdv2010.0.x86_64.rpm 166ca4d21e39bbb3f250806626c59154 2010.0/x86_64/lib64png-devel-1.2.40-1.2mdv2010.0.x86_64.rpm 1c4b4f2e79cf01a4388a2e395dd64cfa 2010.0/x86_64/lib64png-static-devel-1.2.40-1.2mdv2010.0.x86_64.rpm 88b678c1352aa3ed0fffb04241254128 2010.0/x86_64/libpng-source-1.2.40-1.2mdv2010.0.x86_64.rpm cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm

    Mandriva Linux 2010.1: 349ec004acb579d4466b530bfd5fbf3d 2010.1/i586/libpng3-1.2.43-1.1mdv2010.1.i586.rpm d9e323791b16319728fe1486f819e59b 2010.1/i586/libpng-devel-1.2.43-1.1mdv2010.1.i586.rpm 3101d70a79c416392fe228d34b9ba6ff 2010.1/i586/libpng-source-1.2.43-1.1mdv2010.1.i586.rpm 2ff75d1339d52d859939d81994eae477 2010.1/i586/libpng-static-devel-1.2.43-1.1mdv2010.1.i586.rpm 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm

    Mandriva Linux 2010.1/X86_64: 80e4392bbe0bd06b392216a6737cd37a 2010.1/x86_64/lib64png3-1.2.43-1.1mdv2010.1.x86_64.rpm 2d7d50b539c63cd1874ed8150d7fb84a 2010.1/x86_64/lib64png-devel-1.2.43-1.1mdv2010.1.x86_64.rpm 5c3793d0bc69db028ec214a6c9f67c1e 2010.1/x86_64/lib64png-static-devel-1.2.43-1.1mdv2010.1.x86_64.rpm 06b83b6f5050410eff5fe8a590972c18 2010.1/x86_64/libpng-source-1.2.43-1.1mdv2010.1.x86_64.rpm 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm

    Corporate 4.0: be322ac5f446c26c2d0983a2d37e0c6c corporate/4.0/i586/htmldoc-1.8.23-8.2.20060mlcs4.i586.rpm 71329303eddfd4af0994a708bbe4a119 corporate/4.0/i586/htmldoc-nogui-1.8.23-8.2.20060mlcs4.i586.rpm 1c1036be9452042cd356349d6251b697 corporate/4.0/i586/libpng3-1.2.8-1.8.20060mlcs4.i586.rpm e9ba6c0c604a08f555d99503ba7adb68 corporate/4.0/i586/libpng3-devel-1.2.8-1.8.20060mlcs4.i586.rpm 288d9ca48ea58918bdff316891f3c474 corporate/4.0/i586/libpng3-static-devel-1.2.8-1.8.20060mlcs4.i586.rpm 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm

    Corporate 4.0/X86_64: f761706265fcbebd220b16542a742cc9 corporate/4.0/x86_64/htmldoc-1.8.23-8.2.20060mlcs4.x86_64.rpm 79b3189809ad9176401620a41aaa1fcd corporate/4.0/x86_64/htmldoc-nogui-1.8.23-8.2.20060mlcs4.x86_64.rpm e4f9ac99ff42fbc27aae3d8942903043 corporate/4.0/x86_64/lib64png3-1.2.8-1.8.20060mlcs4.x86_64.rpm e26042ead39ce63ed5f4700d2e61e260 corporate/4.0/x86_64/lib64png3-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm 609d6dc1b8a2b5afb029505469844c4f corporate/4.0/x86_64/lib64png3-static-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm

    Mandriva Enterprise Server 5: 282337fa9e11a04ef82464c7574591f4 mes5/i586/libpng3-1.2.31-2.3mdvmes5.1.i586.rpm 92c6ec861cf7da08a498576ba412e633 mes5/i586/libpng-devel-1.2.31-2.3mdvmes5.1.i586.rpm c9efa6abde763edff47bf0c1071c9f1a mes5/i586/libpng-source-1.2.31-2.3mdvmes5.1.i586.rpm 2f5340946610590a6baec42354868888 mes5/i586/libpng-static-devel-1.2.31-2.3mdvmes5.1.i586.rpm 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm

    Mandriva Enterprise Server 5/X86_64: e5f88951d2135de8587d4be94b405ce9 mes5/x86_64/lib64png3-1.2.31-2.3mdvmes5.1.x86_64.rpm 6b89da9eea105e65d7ae3c875c148473 mes5/x86_64/lib64png-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm c1e6715410bbf2081187aef6749b0e3d mes5/x86_64/lib64png-static-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm cb7ef533d9966c8b531cde8a661fc0af mes5/x86_64/libpng-source-1.2.31-2.3mdvmes5.1.x86_64.rpm 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

    gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

    You can view other update advisories for Mandriva Linux at:

    http://www.mandriva.com/security/advisories

    If you want to report vulnerabilities, please contact

    security_(at)_mandriva.com


    Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)

    iD8DBQFMP2A1mqjQ0CJFipgRAjw5AKDRGlB7JGhhCobOgDXKWuKOu8Q43gCeOclX KlOM1C8b0XVNVFF83vXPz9A= =E10C -----END PGP SIGNATURE-----


    Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "suse",
            "version": "9"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "itunes",
            "scope": "eq",
            "trust": 1.1,
            "vendor": "apple",
            "version": "10"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "itunes",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "fedora",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fedoraproject",
            "version": "12"
          },
          {
            "_id": null,
            "model": "player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "vmware",
            "version": "3.1.2"
          },
          {
            "_id": null,
            "model": "workstation",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "vmware",
            "version": "7.1.2"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "iphone os",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "apple",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "tvos",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "apple",
            "version": "4.1.0"
          },
          {
            "_id": null,
            "model": "player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "vmware",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "apple",
            "version": "5.0.4"
          },
          {
            "_id": null,
            "model": "workstation",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "vmware",
            "version": "6.5.0"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "9.10"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "11.2"
          },
          {
            "_id": null,
            "model": "player",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "vmware",
            "version": "2.5.5"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "libpng",
            "version": "1.2.44"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "libpng",
            "version": "1.4.3"
          },
          {
            "_id": null,
            "model": "workstation",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "vmware",
            "version": "6.5.5"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "iphone os",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "apple",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "fedora",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fedoraproject",
            "version": "13"
          },
          {
            "_id": null,
            "model": "workstation",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "vmware",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "libpng",
            "version": "1.4.0"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "player",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "vmware",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "libpng",
            "version": "1.0.42"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "libpng",
            "version": "1.0.33"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "libpng",
            "version": "1.0.32"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "png group",
            "version": "1.2.44"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "png group",
            "version": "1.4.3"
          },
          {
            "_id": null,
            "model": "player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "vmware",
            "version": "2.5.x"
          },
          {
            "_id": null,
            "model": "player",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "vmware",
            "version": "3.1.x"
          },
          {
            "_id": null,
            "model": "server",
            "scope": null,
            "trust": 0.8,
            "vendor": "vmware",
            "version": null
          },
          {
            "_id": null,
            "model": "workstation",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "vmware",
            "version": "6.5.x"
          },
          {
            "_id": null,
            "model": "workstation",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "vmware",
            "version": "7.1.x"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5.8"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.6 to  v10.6.4"
          },
          {
            "_id": null,
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.5.8"
          },
          {
            "_id": null,
            "model": "mac os x server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "v10.6 to  v10.6.4"
          },
          {
            "_id": null,
            "model": "tv",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "(2nd generation) 4.0 software"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "2.0 to  4.1 (iphone 3g after )"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "2.1 to  4.1 (ipod touch (2nd generation) after )"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "3.2 to  3.2.2 (ipad for )"
          },
          {
            "_id": null,
            "model": "ipad",
            "scope": null,
            "trust": 0.8,
            "vendor": "apple",
            "version": null
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": null,
            "trust": 0.8,
            "vendor": "apple",
            "version": null
          },
          {
            "_id": null,
            "model": "ipod touch",
            "scope": null,
            "trust": 0.8,
            "vendor": "apple",
            "version": null
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "apple",
            "version": "5"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "10"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "11 express"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "8"
          },
          {
            "_id": null,
            "model": "solaris",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "9"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3 (x86)"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3 (x86-64)"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3.0 (x86-64)"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "4.0 (x86-64)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (as)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (es)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3 (ws)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (as)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (es)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (ws)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4.8 (as)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4.8 (es)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (server)"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5.0 (client)"
          },
          {
            "_id": null,
            "model": "rhel desktop workstation",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (client)"
          },
          {
            "_id": null,
            "model": "tv",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "apple",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "libpng",
            "version": "1.0.40"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "libpng",
            "version": "1.0.41"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "libpng",
            "version": "1.0.29"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "libpng",
            "version": "1.0.30"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "libpng",
            "version": "1.0.3"
          },
          {
            "_id": null,
            "model": "in motion blackberry enterprise server for exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.6"
          },
          {
            "_id": null,
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux enterprise sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.0.25"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.2.42"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.6"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "linux enterprise sdk sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "intuity audix",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "in motion blackberry enterprise server for domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.1.1"
          },
          {
            "_id": null,
            "model": "itunes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "9.0.1"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.2.1"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.2.16"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.0.18"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.7"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "_id": null,
            "model": "voice portal sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "messaging storage server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.5.7"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "beta01",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.2.27"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.6.2"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "voice portal sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.5.4"
          },
          {
            "_id": null,
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "workstation build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "6.5118166"
          },
          {
            "_id": null,
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.2"
          },
          {
            "_id": null,
            "model": "cms server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "15.0"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1.1"
          },
          {
            "_id": null,
            "model": "player build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5118166"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.5"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.2.21"
          },
          {
            "_id": null,
            "model": "ipad",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2.1"
          },
          {
            "_id": null,
            "model": "solaris express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "11"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "_id": null,
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1.3"
          },
          {
            "_id": null,
            "model": "itunes",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.2.36"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.9"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.4.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.0.6"
          },
          {
            "_id": null,
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "in motion blackberry enterprise server express for exchange mr1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.5.2"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "aura session manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.6"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2010.1"
          },
          {
            "_id": null,
            "model": "player build",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.1.2301548"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.5.3"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "server build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.9156507"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.4"
          },
          {
            "_id": null,
            "model": "itunes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "9.2.1"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.10"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.2.18"
          },
          {
            "_id": null,
            "model": "in motion blackberry enterprise server for novell groupwise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1.3"
          },
          {
            "_id": null,
            "model": "ir",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "message networking mn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1.3"
          },
          {
            "_id": null,
            "model": "tv",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "linux enterprise sdk sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.0.5"
          },
          {
            "_id": null,
            "model": "coat systems proxyav",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "blue",
            "version": "3.4.1.1"
          },
          {
            "_id": null,
            "model": "linux lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "beta01",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.4"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "beta19",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.4"
          },
          {
            "_id": null,
            "model": "workstation build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "6.5.2156735"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.5.1"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.0.15"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.5"
          },
          {
            "_id": null,
            "model": "aura system platform sp1.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2010.0"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.2"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.0"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.6.7"
          },
          {
            "_id": null,
            "model": "hat enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.2"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.5.11"
          },
          {
            "_id": null,
            "model": "linux armel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "safari for windows",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.0.4"
          },
          {
            "_id": null,
            "model": "player build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.4246459"
          },
          {
            "_id": null,
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "6.5.1"
          },
          {
            "_id": null,
            "model": "ir",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "_id": null,
            "model": "voice portal sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.2.1"
          },
          {
            "_id": null,
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "ipad",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2.2"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.7"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.2"
          },
          {
            "_id": null,
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "12.2"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2.1"
          },
          {
            "_id": null,
            "model": "voice portal sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux enterprise sdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.2.8"
          },
          {
            "_id": null,
            "model": "workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "6.5.2"
          },
          {
            "_id": null,
            "model": "intuity audix lx sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.0.13"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.5.10"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1.2"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1.2"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.0"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "cms server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "16.0"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11.4"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.2.20"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.5"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.0.14"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "server build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.10203137"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "12.1"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.0.12"
          },
          {
            "_id": null,
            "model": "intuity lx",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.0.8"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.2.27"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux enterprise sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "itunes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "9.0.2"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "in motion blackberry enterprise server for exchange mr2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.3"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop version",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.3"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "solaris 10 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "itunes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.4"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1.2"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.10"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.6.4"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5"
          },
          {
            "_id": null,
            "model": "player build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.3185404"
          },
          {
            "_id": null,
            "model": "workstation build",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "7.1.2301548"
          },
          {
            "_id": null,
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux enterprise server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.4"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.10"
          },
          {
            "_id": null,
            "model": "in motion blackberry enterprise server for novell groupwise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "4.1.7"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.2"
          },
          {
            "_id": null,
            "model": "in motion blackberry enterprise server for domino mr3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.3"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6"
          },
          {
            "_id": null,
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.5"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0.3"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.0.3"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.3"
          },
          {
            "_id": null,
            "model": "in motion blackberry enterprise server express for domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.3"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "0.90"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pardus",
            "version": "20090"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.2"
          },
          {
            "_id": null,
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.3"
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2.1"
          },
          {
            "_id": null,
            "model": "enterprise server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "5"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.6.3"
          },
          {
            "_id": null,
            "model": "itunes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.1"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4"
          },
          {
            "_id": null,
            "model": "aura session manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.2.26"
          },
          {
            "_id": null,
            "model": "linux x86 64 -current",
            "scope": null,
            "trust": 0.3,
            "vendor": "slackware",
            "version": null
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2010.1"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.2"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.3"
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "server build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.8126538"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.0.24"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.6"
          },
          {
            "_id": null,
            "model": "itunes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "9.0.1.8"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.0.43"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "5"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0.2"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "ipod touch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "11.1"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.3"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "in motion blackberry enterprise server express for exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.3"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.4"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.5.6"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2010.0"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.6"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.5.9"
          },
          {
            "_id": null,
            "model": "player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.2"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.0"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.2.44"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "in motion blackberry enterprise server express for domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "linux enterprise server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.5"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.3"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.0.9"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "cms server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "16.1"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.10"
          },
          {
            "_id": null,
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4"
          },
          {
            "_id": null,
            "model": "server build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.7108231"
          },
          {
            "_id": null,
            "model": "linux lts lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.5"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.10"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.2.34"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.4"
          },
          {
            "_id": null,
            "model": "workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1.3"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "aura system manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.4"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.2.17"
          },
          {
            "_id": null,
            "model": "in motion blackberry enterprise server for exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.3"
          },
          {
            "_id": null,
            "model": "safari beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "ipad",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "0"
          },
          {
            "_id": null,
            "model": "intuity audix r5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "_id": null,
            "model": "in motion blackberry enterprise server for domino mr1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "in motion blackberry enterprise server express for exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "6.5.3"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.8"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.2.37"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "solaris 9 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "itunes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "in motion blackberry enterprise server for domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.3"
          },
          {
            "_id": null,
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.1.1"
          },
          {
            "_id": null,
            "model": "player build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.2156735"
          },
          {
            "_id": null,
            "model": "hat enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "4"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.5.5"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11.3"
          },
          {
            "_id": null,
            "model": "linux x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.1"
          },
          {
            "_id": null,
            "model": "enterprise linux optional productivity application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.1.2"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.0.4"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "linux x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "12.0"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.0.17"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "coat systems proxyav",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "blue",
            "version": "3.4.1.0"
          },
          {
            "_id": null,
            "model": "intuity audix lx r1.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.4.3"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "server build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.580187"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.2"
          },
          {
            "_id": null,
            "model": "server build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.0.2203138"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.0.7"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.4"
          },
          {
            "_id": null,
            "model": "in motion blackberry enterprise server for exchange mr1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "intuity audix lx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.1"
          },
          {
            "_id": null,
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.1.2"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "workstation build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "6.5.4246459"
          },
          {
            "_id": null,
            "model": "player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "intuity audix lx sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "messaging storage server mm3.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.0.52"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.2.43"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.1"
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.4"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.8"
          },
          {
            "_id": null,
            "model": "ipad",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.8"
          },
          {
            "_id": null,
            "model": "player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.3"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "in motion blackberry enterprise server for exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux -current",
            "scope": null,
            "trust": 0.3,
            "vendor": "slackware",
            "version": null
          },
          {
            "_id": null,
            "model": "iphone",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.1"
          },
          {
            "_id": null,
            "model": "intuity lx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "server build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.691891"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.4"
          },
          {
            "_id": null,
            "model": "linux lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.10"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.5.8"
          },
          {
            "_id": null,
            "model": "in motion blackberry enterprise server express for exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "13.0"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "in motion blackberry enterprise server for domino",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "linux enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.5"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.0.11"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "rc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.2.22"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "itunes",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop workstation client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "_id": null,
            "model": "ios beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.2"
          },
          {
            "_id": null,
            "model": "cms server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "16.2"
          },
          {
            "_id": null,
            "model": "workstation build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "6.5.3185404"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.5.7"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.5"
          },
          {
            "_id": null,
            "model": "server build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.0.1156745"
          },
          {
            "_id": null,
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "in motion blackberry enterprise server express for domino mr1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.0.16"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.0.53"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.2.13"
          },
          {
            "_id": null,
            "model": "iq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5"
          },
          {
            "_id": null,
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.1"
          },
          {
            "_id": null,
            "model": "solaris 10 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.0.10"
          },
          {
            "_id": null,
            "model": "in motion blackberry enterprise server for novell groupwise mr3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "research",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "5.0.3"
          },
          {
            "_id": null,
            "model": "safari",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0.3"
          },
          {
            "_id": null,
            "model": "iq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "aura conferencing standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "9.04"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2008.0"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.2.35"
          },
          {
            "_id": null,
            "model": "solaris 9 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "intuity audix lx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "tv",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "2.0.6"
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.0.4"
          },
          {
            "_id": null,
            "model": "ios",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.2.2"
          },
          {
            "_id": null,
            "model": "safari for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "4"
          },
          {
            "_id": null,
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "libpng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "libpng",
            "version": "1.2.19"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "41174"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201006-491"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001805"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-2249"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:libpng:libpng",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:vmware:player",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:vmware:server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:vmware:workstation",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:apple:mac_os_x",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:apple:mac_os_x_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:apple:apple_tv",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:apple:iphone_os",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:apple:ipad",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:apple:iphone",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/h:apple:ipod_touch",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:apple:itunes",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:apple:safari",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:oracle:solaris",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001805"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Greg Roelofs",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201006-491"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2010-2249",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2010-2249",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.1,
                "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.0,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2010-2249",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 4.3,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.6,
                "id": "VHN-44854",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.8,
                "id": "CVE-2010-2249",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2010-2249",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2010-2249",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201006-491",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-44854",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2010-2249",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-44854"
          },
          {
            "db": "VULMON",
            "id": "CVE-2010-2249"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201006-491"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001805"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-2249"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. The \u0027libpng\u0027 library is prone to multiple vulnerabilities. \nSuccessful exploits may allow remote attackers to cause denial-of-service conditions or potentially execute arbitrary code on computers running the affected library. \nThese issues affect versions prior to \u0027libpng\u0027 1.4.3 and 1.2.44. \n\nBackground\n==========\n\nlibpng is a standard library used to process PNG (Portable Network\nGraphics) images. It is used by several programs, including web\nbrowsers and potentially server processes. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package            /  Vulnerable  /                    Unaffected\n    -------------------------------------------------------------------\n  1  media-libs/libpng       \u003c 1.4.3                          \u003e= 1.4.3\n\nDescription\n===========\n\nMultiple vulnerabilities were found in libpng:\n\n* The png_decompress_chunk() function in pngrutil.c does not properly\n  handle certain type of compressed data (CVE-2010-0205)\n\n* A buffer overflow in pngread.c when using progressive applications\n  (CVE-2010-1205)\n\n* A memory leak in pngrutil.c when dealing with a certain type of\n  chunks (CVE-2010-2249)\n\nImpact\n======\n\nAn attacker could exploit these vulnerabilities to cause programs\nlinked against the library to crash or execute arbitrary code with the\npermissions of the user running the vulnerable program, which could be\nthe root user. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll libpng users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask --oneshot --verbose \"\u003e=media-libs/libpng-1.4.3\"\n\nReferences\n==========\n\n  [ 1 ] CVE-2010-0205\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205\n  [ 2 ] CVE-2010-1205\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205\n  [ 3 ] CVE-2010-2249\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n  http://security.gentoo.org/glsa/glsa-201010-01.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n\n. \n\nFor the testing (squeeze) and unstable (sid) distribution, these\nproblems have been fixed in version 1.2.44-1\n\nWe recommend that you upgrade your libpng package. \n\nUpgrade instructions\n- --------------------\n\nwget url\n        will fetch the file for you\ndpkg -i file.deb\n        will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n        will update the internal database\napt-get upgrade\n        will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.dsc\n    Size/MD5 checksum:     1201 518a1f5c30a115dcb732e7499a2cef96\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz\n    Size/MD5 checksum:   783204 13a0de401db1972a8e68f47d5bdadd13\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.diff.gz\n    Size/MD5 checksum:    21437 43e68a174233314cf49bb204abdd29b6\n\nArchitecture independent packages:\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny4_all.deb\n    Size/MD5 checksum:      886 94643952b104a6f231ed7d710e2ae95d\n\nalpha architecture (DEC Alpha)\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_alpha.deb\n    Size/MD5 checksum:   182808 27b109278c41f9354d529ce0cfa2fe70\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_alpha.deb\n    Size/MD5 checksum:   287316 b05d9032dca244cfbb1773e17eb8fbf3\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_alpha.udeb\n    Size/MD5 checksum:    86558 2082c8b1458c53860b8243c184909d99\n\namd64 architecture (AMD x86_64 (AMD64))\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_amd64.udeb\n    Size/MD5 checksum:    71944 a3992e7b18a2897879863fbf70f3e44f\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_amd64.deb\n    Size/MD5 checksum:   167620 b654901994d4666d2918869ef59aef38\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_amd64.deb\n    Size/MD5 checksum:   254780 dfb0d24bf329b004ccea98b3a94186be\n\narm architecture (ARM)\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_arm.udeb\n    Size/MD5 checksum:    64570 f8b22165ed7daf5c40ecff5e03b7c724\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_arm.deb\n    Size/MD5 checksum:   159684 b64a7d362ef23b72d4af94bd48c89e33\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_arm.deb\n    Size/MD5 checksum:   245526 a55f8943e244796a2dbf4b244673d9ab\n\narmel architecture (ARM EABI)\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_armel.udeb\n    Size/MD5 checksum:    67034 4d6f0fbce281723de483067ae4226f18\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_armel.deb\n    Size/MD5 checksum:   162570 fb1927ecf7521ce2de4c3c2d3d9ba679\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_armel.deb\n    Size/MD5 checksum:   245964 38148590fd5c421c6e7649767ce23556\n\nhppa architecture (HP PA RISC)\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_hppa.deb\n    Size/MD5 checksum:   170090 1a9ad8514fb3dd6111090f321553452b\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_hppa.deb\n    Size/MD5 checksum:   260414 b1ada2a28da472703f953547dc2947e2\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_hppa.udeb\n    Size/MD5 checksum:    73894 eb6714f86f8085811a3dc1a1218a75a3\n\ni386 architecture (Intel ia32)\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_i386.deb\n    Size/MD5 checksum:   245468 8b6e9b5424a8991c05734f90b00182a2\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_i386.deb\n    Size/MD5 checksum:   166290 70c41d2feb2aff02be6154cea7cec1f4\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_i386.udeb\n    Size/MD5 checksum:    70118 e7c845ff2e87dc1dc2849ecac4428aa4\n\nia64 architecture (Intel ia64)\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_ia64.udeb\n    Size/MD5 checksum:   111752 9b3c6f30c1d59df47d8f1736cffb5f74\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_ia64.deb\n    Size/MD5 checksum:   207554 ca076c99f9d64729eab9a58632ab2b9e\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_ia64.deb\n    Size/MD5 checksum:   305536 0446686bb25783804121efced246e59d\n\nmips architecture (MIPS (Big Endian))\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mips.deb\n    Size/MD5 checksum:   164086 e615a6007aa89ccd38a1afc482c6c51e\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mips.udeb\n    Size/MD5 checksum:    68180 beec6961eba764cd9186f4ba1e116949\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mips.deb\n    Size/MD5 checksum:   262216 937b2f2c26200b4a53f0bd8293b80af3\n\nmipsel architecture (MIPS (Little Endian))\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mipsel.udeb\n    Size/MD5 checksum:    68464 c0e4a6cf4cbb2d6cda04ae5c0c572dd5\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mipsel.deb\n    Size/MD5 checksum:   164312 48ec081a3f25a7863fe689a212d37b07\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mipsel.deb\n    Size/MD5 checksum:   262482 560287e9b0c79a7d51ff4fd37e0a8da4\n\npowerpc architecture (PowerPC)\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_powerpc.deb\n    Size/MD5 checksum:   253154 caa93c1b0d9460d93d7b81241dcd25fb\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_powerpc.udeb\n    Size/MD5 checksum:    70748 59534d8fcb740fdfd681a173a85d72fe\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_powerpc.deb\n    Size/MD5 checksum:   166354 3d521ce5930a7707bb3afc61f7c48ccc\n\ns390 architecture (IBM S/390)\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_s390.udeb\n    Size/MD5 checksum:    73500 bceb1dab986adc60adde49c6bb267e7d\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_s390.deb\n    Size/MD5 checksum:   253036 85ebb3e8ac1749f20e0c45f489f348a6\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_s390.deb\n    Size/MD5 checksum:   169330 aa9808b63b2301f8be657a3c2d6797d2\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_sparc.deb\n    Size/MD5 checksum:   161688 5f12a2df5cea9e05bdad35a18e07f864\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_sparc.udeb\n    Size/MD5 checksum:    66084 bc6933daf2143bcc3f3b8c96e7bc29bb\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_sparc.deb\n    Size/MD5 checksum:   247360 ad0ae85eb3806d0263b985139c3c54ed\n\n\n  These files will probably be moved into the stable distribution on\n  its next update. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n                   VMware Security Advisory\n\nAdvisory ID:       VMSA-2010-0014\nSynopsis:          VMware Workstation, Player, and ACE address several\n                   security issues. \nIssue date:        2010-09-23\nUpdated on:        2010-09-23 (initial release of advisory)\nCVE numbers:       CVE-2010-3277 CVE-2010-1205 CVE-2010-0205\n                   CVE-2010-2249 CVE-2010-0434 CVE-2010-0425\n- ------------------------------------------------------------------------\n\n1. Summary\n\n   VMware Workstation and Player address a potential installer security\n   issue and security issues in libpng. VMware ACE Management Server\n   (AMS) for Windows updates Apache httpd. \n\n2. Relevant releases\n\n   VMware Workstation 7.1.1 and earlier,\n   VMware Player 3.1.1 and earlier,\n   VMware ACE Management Server 2.7.1 and earlier,\n\n   Note: VMware Server was declared End Of Availability on January 2010,\n         support will be limited to Technical Guidance for the duration\n         of the support term. \n\n3. Problem Description\n\n a. VMware Workstation and Player installer security issue\n\n    The Workstation 7.x and Player 3.x installers will load an index.htm\n    file located in the current working directory on which Workstation\n    7.x or Player 3.x is being installed. This may allow an attacker to\n    display a malicious file if they manage to get their file onto the\n    system prior to installation. \n\n    The issue can only be exploited at the time that Workstation 7.x or\n    Player 3.x is being installed. Installed versions of Workstation and\n    Player are not affected. The security issue is no longer present in\n    the installer of the new versions of Workstation 7.x and Player 3.x\n    (see table below for the version numbers). \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2010-3277 to this issue. \n\n    VMware would like to thank Alexander Trofimov and Marc Esher for\n    independently reporting this issue to VMware. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    Workstation    7.x       any      7.1.2 build 301548 or later *\n    Workstation    6.5.x     any      not affected\n\n    Player         3.x       any      3.1.2 build 301548 or later *\n    Player         2.5.x     any      not affected\n\n    AMS            any       any      not affected\n\n    Server         any       any      not affected\n\n    Fusion         any       Mac OS/X not affected\n\n    ESXi           any       ESXi     not affected\n\n    ESX            any       ESX      not affected\n\n * Note: This only affects the installer, if you have a version of\n         Workstation or Player installed you are not vulnerable. \n\n\n b. Third party libpng updated to version 1.2.44\n\n    A buffer overflow condition in libpng is addressed that could\n    potentially lead to code execution with the privileges of the\n    application using libpng. Two potential denial of service issues\n    are also addressed in the update. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the names CVE-2010-1205, CVE-2010-0205, CVE-2010-2249\n    to these issues. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    Workstation    7.1.x     any      7.1.2 build 301548 or later\n    Workstation    6.5.x     any      affected, patch pending\n\n    Player         3.1.x     any      3.1.2 build 301548 or later\n    Player         2.5.x     any      affected, patch pending\n\n    AMS            any       any      not affected\n\n    Server         any       any      affected, no patch planned\n\n    Fusion         any       Mac OS/X not affected\n\n    ESXi           any       ESXi     not affected\n\n    ESX            any       ESX      not affected\n\n\n c. VMware ACE Management Server (AMS) for Windows updates Apache httpd\n    version 2.2.15. \n\n    A function in Apache HTTP Server when multithreaded MPM is used\n    does not properly handle headers in subrequests in certain\n    circumstances which may allow remote attackers to obtain sensitive\n    information via a crafted request that triggers access to memory\n    locations associated with an earlier request. \n\n    The Apache mod_isapi module can be forced to unload a specific\n    library before the processing of a request is complete, resulting\n    in memory corruption. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the names CVE-2010-0434 and CVE-2010-0425 to the\n    issues addressed in this update. \n\n    Column 4 of the following table lists the action required to\n    remediate the vulnerability in each release, if a solution is\n    available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    Workstation    any       any      not affected\n\n    Player         any       any      not affected\n\n    AMS            any       Windows  2.7.2 build 301548 or later\n    AMS            any       Linux    affected, patch pending *\n\n    Server         any       any      not affected\n\n    Fusion         any       Mac OS/X not affected\n\n    ESXi           any       ESXi     not affected\n\n    ESX            any       ESX      not affected\n\n * Note CVE-2010-0425 is not applicable to AMS running on Linux\n\n4. Solution\n   Please review the patch/release notes for your product and version\n   and verify the md5sum and/or the sha1sum of your downloaded file. \n\n   VMware Workstation 7.1.2\n   ------------------------\n   http://www.vmware.com/download/ws/\n   Release notes:\n   http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html\n\n   Workstation for Windows 32-bit and 64-bit with VMware Tools\t\n   md5sum: 2e9715ec297dc3ca904ad2707d3e2614\n   sha1sum: 55b2b99f67c3dacd402fb9880999086efd264e7a\n\n   Workstation for Windows 32-bit and 64-bit without VMware Tools\t\n   md5sum: 066929f59aef46f11f4d9fd6c6b36e4d\n   sha1sum: def776a28ee1a21b1ad26e836ae868551fff6fc3\n\n   VMware Player 3.1.2\n   -------------------\n   http://www.vmware.com/download/player/\n   Release notes:\n\nhttp://downloads.vmware.com/support/player31/doc/releasenotes_player312.html\n\n   VMware Player for Windows 32-bit and 64-bit\t\n   md5sum: 3f289cb33af5e425c92d8512fb22a7ba\n   sha1sum: bf67240c1f410ebeb8dcb4f6d7371334bf9a6b70\n\n   VMware Player for Linux 32-bit\t\n   md5sum: 11e3e3e8753e1d9abbbb92c4e3c1dfe8\n   sha1sum: dd1dbcdb1f4654eefc11472b68934dcb69842749\n\n   VMware Player for Linux 64-bit\t\n   md5sum: 2ab08e0d4050719845a64d334ca15bb1\n   sha1sum: f024ad84ec831fce8667dfa9601851da5d9fa59c\n\n   VMware ACE Management Server 2.7.2\n   ----------------------------------\n   http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7\n   Release notes:\n   http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html\n\n   ACE Management Server for Windows\t\n   md5sum: 02f0072b8e48a98ed914b633f070d550\n   sha1sum: 94a68eac4a328d21a741879b9d063227c0dc1ce4\n\n5. References\n\n   CVE numbers\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3277\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425\n\n- ------------------------------------------------------------------------\n\n6. Change log\n\n2010-09-23  VMSA-2010-0014\nInitial security advisory after release of Workstation 7.1.2,\nPlayer 3.1.2 and ACE Management Server 2.7.2 on 2010-09-23\n\n- -----------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n  * security-announce at lists.vmware.com\n  * bugtraq at securityfocus.com\n  * full-disclosure at lists.grok.org.uk\n\nE-mail:  security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware Security Advisories\nhttp://www.vmware.com/security/advisoiries\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2010 VMware Inc.  All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (MingW32)\n\niEYEARECAAYFAkycSrQACgkQS2KysvBH1xmT9wCfbBUS4GYrJohz+QMLYcoiFmSh\neTgAoIAmx+ilbe2myj02daLjFrVQfQII\n=5jlh\n-----END PGP SIGNATURE-----\n. ===========================================================\nUbuntu Security Notice USN-960-1              July 08, 2010\nlibpng vulnerabilities\nCVE-2010-1205, CVE-2010-2249\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 9.04\nUbuntu 9.10\nUbuntu 10.04 LTS\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n  libpng12-0                      1.2.8rel-5ubuntu0.6\n\nUbuntu 8.04 LTS:\n  libpng12-0                      1.2.15~beta5-3ubuntu0.3\n\nUbuntu 9.04:\n  libpng12-0                      1.2.27-2ubuntu2.2\n\nUbuntu 9.10:\n  libpng12-0                      1.2.37-1ubuntu0.2\n\nUbuntu 10.04 LTS:\n  libpng12-0                      1.2.42-1ubuntu2.1\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nDetails follow:\n\nIt was discovered that libpng did not properly handle certain malformed PNG\nimages. If a user or automated system were tricked into opening a crafted\nPNG file, an attacker could cause a denial of service or possibly execute\narbitrary code with the privileges of the user invoking the program. \n(CVE-2010-1205)\n\nIt was discovered that libpng did not properly handle certain malformed PNG\nimages. If a user or automated system were tricked into processing a\ncrafted PNG image, an attacker could possibly use this flaw to consume all\navailable resources, resulting in a denial of service. (CVE-2010-2249)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.diff.gz\n      Size/MD5:    24044 8979ca6b113137fe5ee051c1c70571eb\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.dsc\n      Size/MD5:      661 92722fa973e92a99f982fe05b5826adf\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz\n      Size/MD5:   510681 cac1512878fb98f2456df6dc50bc9bc7\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.6_all.deb\n      Size/MD5:      842 dcbc7d24c8426e3b3024859ec157f57e\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_amd64.deb\n      Size/MD5:   114528 aea355e99e67b76c9464f8cc49b3560d\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_amd64.deb\n      Size/MD5:   247576 f0e52e10a663f9b1b04d9371d4a2cf14\n    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_amd64.udeb\n      Size/MD5:    69504 6536e83152b2cf00d0d961b9b095c2d5\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_i386.deb\n      Size/MD5:   112048 b8f85cc6154602422a8841a5cad1a4a1\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_i386.deb\n      Size/MD5:   239628 fb6f6e62a9fa6114c50946c74cb2ed5d\n    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_i386.udeb\n      Size/MD5:    66946 501acb21d567d62608904e4272ff842d\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_powerpc.deb\n      Size/MD5:   111648 19cccb12fb968f40f04068b9da24f589\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_powerpc.deb\n      Size/MD5:   245230 ebdbfc860056170b7a165479d7905bb3\n    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_powerpc.udeb\n      Size/MD5:    66458 24e918a95770150b4df72530bd6de095\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_sparc.deb\n      Size/MD5:   109156 510d17affd2c0cf3f5dce5379df57d49\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_sparc.deb\n      Size/MD5:   240072 1ff11e0649a58bc7b809c86941aaafd7\n    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_sparc.udeb\n      Size/MD5:    63882 d7df02c540e66a536cbffca5d02645d5\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.diff.gz\n      Size/MD5:    22755 f5c0ba19b04eba8264ebb6b30c5617d6\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.dsc\n      Size/MD5:      832 d08a82b28411baa0184d3b8231fd8b61\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz\n      Size/MD5:   829038 77ca14fcee1f1f4daaaa28123bd0b22d\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.15~beta5-3ubuntu0.3_all.deb\n      Size/MD5:      940 7344fa4e61880636b014525f6e6482a1\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_amd64.deb\n      Size/MD5:   190186 01f82b2b967c5212e834dd57c12c1a7c\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_amd64.deb\n      Size/MD5:   179752 c26e243dd21f5dd10b478c0415215c1c\n    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_amd64.udeb\n      Size/MD5:    70534 5f7628d9b644ae953c515d18f7de9980\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_i386.deb\n      Size/MD5:   188782 51354007cca0796218e3aaeba6142c41\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_i386.deb\n      Size/MD5:   171216 b7a092ef2f5955b380adc015bfae6c81\n    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_i386.udeb\n      Size/MD5:    69082 7612cd438ddfaab236de5f342f709b66\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_lpia.deb\n      Size/MD5:   189664 4825baf36c5d14b5066d548aaf050866\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_lpia.deb\n      Size/MD5:   172962 b16b496d6553fbf28523147617011b95\n    http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_lpia.udeb\n      Size/MD5:    70020 61f5d75c4435333ef586677a07d49915\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_powerpc.deb\n      Size/MD5:   190300 8ac6e4c1efb73de848d5bc5457093e7a\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_powerpc.deb\n      Size/MD5:   179166 d92637edf805d7d673a4440b2605dc57\n    http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_powerpc.udeb\n      Size/MD5:    70604 adf25dd26d85725ab3c74c4a80a7a541\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_sparc.deb\n      Size/MD5:   185622 ef3cf5486afe387d09bf05106893b371\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_sparc.deb\n      Size/MD5:   173422 4b2f3476b423a3c5c31ee0738bfb4458\n    http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_sparc.udeb\n      Size/MD5:    65928 ab5ac0b24d618dc432d1763a0e50ebda\n\nUpdated packages for Ubuntu 9.04:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.diff.gz\n      Size/MD5:   176459 b2f27af9534f3c5b9a120680cd41ce7c\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.dsc\n      Size/MD5:     1296 b66efe2157ab6f3dad6e57b4fe9dbf13\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz\n      Size/MD5:   783204 13a0de401db1972a8e68f47d5bdadd13\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-2ubuntu2.2_all.deb\n      Size/MD5:      932 1c66e49e2b875fa40c5556c19d076508\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_amd64.udeb\n      Size/MD5:    72852 a1bbcffd25c3ec87cbdf86be154962fc\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_amd64.deb\n      Size/MD5:   168576 9f40f2846c21aa5835f53ab6895ec5cf\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_amd64.deb\n      Size/MD5:   255784 d9060ad287e40ded1848b79284abbcc0\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_i386.udeb\n      Size/MD5:    71102 c18134055d747d066b60218b69e99d45\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_i386.deb\n      Size/MD5:   166904 e8151a3f79f0fff6d98bbb0675621594\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_i386.deb\n      Size/MD5:   247922 ae8412d1c420f1dd63cb436382cad51f\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_lpia.udeb\n      Size/MD5:    71488 5179307ffe74c10515e61503e647606f\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_lpia.deb\n      Size/MD5:   167370 dd07d7a09484eb7711da5cd874099abe\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_lpia.deb\n      Size/MD5:   248872 a34333b123f4d12e7872868111942cbd\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_powerpc.udeb\n      Size/MD5:    71674 f742f2771d94ca29746906c1177d657d\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_powerpc.deb\n      Size/MD5:   167514 478378fde5c7fd14fbffa1be072aa21c\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_powerpc.deb\n      Size/MD5:   254642 ba3f255f4346a4483c5410d55acaac65\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_sparc.udeb\n      Size/MD5:    66670 ee067298bc51471f06bcf1a74b557310\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_sparc.deb\n      Size/MD5:   162336 ab167dcdbbd930a3d976af0ad57cbac2\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_sparc.deb\n      Size/MD5:   248428 8b96f4ff4f0ad8e366ed4475d3890948\n\nUpdated packages for Ubuntu 9.10:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.diff.gz\n      Size/MD5:    20129 f230ec37944a0150ffc83cfdddc7c906\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.dsc\n      Size/MD5:     1293 fce0b2fd543aeff27d47fb91f12af053\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37.orig.tar.gz\n      Size/MD5:   805380 7480dbbf9f6c3297faf6fe52ec9b91ab\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.37-1ubuntu0.2_all.deb\n      Size/MD5:      932 cee669d58ac9660e1fe71cf9e2eeda9d\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_amd64.udeb\n      Size/MD5:    73938 15bb328beed6ab3287967c54e4177018\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_amd64.deb\n      Size/MD5:   175088 f003cc7565826cfcc337ab409ffc6e8f\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_amd64.deb\n      Size/MD5:   265400 2d26dc0e9ddb6c2010776fbbcb82d791\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_i386.udeb\n      Size/MD5:    70444 a80af68dda6ff1aa3168040d33600e64\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_i386.deb\n      Size/MD5:   171594 3fca9df961cc3616b75f6518ab870a68\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_i386.deb\n      Size/MD5:   255474 1ab05dffaa25e1d9190d0ea872b0fbd8\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_lpia.udeb\n      Size/MD5:    71066 0495b247d489438259937bee1f17761f\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_lpia.deb\n      Size/MD5:   172296 730fd7a16f9496e37ffee99ea68d15a6\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_lpia.deb\n      Size/MD5:   257350 fff93fe6a558aef20e20b8b8f15227e7\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_powerpc.udeb\n      Size/MD5:    72524 8e92aaedc8e6fabafed81cca60a833e9\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_powerpc.deb\n      Size/MD5:   173720 055336debc8a5b9ff92e6cae9998ac94\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_powerpc.deb\n      Size/MD5:   264674 dbd6ca8bcdcf241c0629b7b27e0e1e5d\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_sparc.udeb\n      Size/MD5:    67348 44b9c2989661e116d78b809a8657a5c8\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_sparc.deb\n      Size/MD5:   168516 b98b4872db6f90caf0f43da67197dec0\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_sparc.deb\n      Size/MD5:   257634 eb673ad114284bbd9be37e1c322e1bfb\n\nUpdated packages for Ubuntu 10.04:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.debian.tar.bz2\n      Size/MD5:    19511 ac49d7354c1ab87a91dbad607733629f\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.dsc\n      Size/MD5:     1299 dae31f78418d5db8c3476d7562859658\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42.orig.tar.bz2\n      Size/MD5:   670811 9a5cbe9798927fdf528f3186a8840ebe\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.42-1ubuntu2.1_all.deb\n      Size/MD5:      926 602d7036448637b45c1eacbc31e05640\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_amd64.udeb\n      Size/MD5:    74124 82cc493f2b3d80b10ccf3f9fa2ec4ff6\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_amd64.deb\n      Size/MD5:   180006 3b5339fe77bcdae97bb2a318496a192e\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_amd64.deb\n      Size/MD5:   271858 ae0c6a1e973dad2b0a0685fd863c096d\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_i386.udeb\n      Size/MD5:    70692 b264bdd0086f3451e42df7f840ab894a\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_i386.deb\n      Size/MD5:   176510 03c3d70135e907f21b2342972d8a9b40\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_i386.deb\n      Size/MD5:   261728 955b40272944dd988ee39b62d8c6606c\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_powerpc.udeb\n      Size/MD5:    73380 ad2cda1c89c55c473121da33a40294f6\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_powerpc.deb\n      Size/MD5:   179272 b6623c3dcdc841a762308f889c8b478e\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_powerpc.deb\n      Size/MD5:   271898 fcccfdb0eb4bc3a3470a83888f8bae28\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_sparc.udeb\n      Size/MD5:    69258 ec2047ed5079933d6dbeb841a0207c59\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_sparc.deb\n      Size/MD5:   175214 142020dfd126d2335bc93bad6a714799\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_sparc.deb\n      Size/MD5:   265174 06843a4a028c5533e89d5562cbeb2047\n\n\n\n. Latest xulrunner and\n mozilla-thunderbird has been patched as a precaution for 2008.0 wheres\n on 2009.0 and up the the system libpng library is used instead of the\n bundled copy. htmldoc, xulrunner and mozilla-thunderbird packages is\n therefore also being provided with this advisory. \n \n Packages for 2008.0 and 2009.0 are provided as of the Extended\n Maintenance Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149\u0026products_id=490\n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6218\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n 4e91a2a256c61f52dffd4fb625e20cf8  2008.0/i586/htmldoc-1.8.27-1.2mdv2008.0.i586.rpm\n 71553205b1e31d2891667d2eab7aca14  2008.0/i586/htmldoc-nogui-1.8.27-1.2mdv2008.0.i586.rpm\n 75b6d3f905d7e94154902f81e4728963  2008.0/i586/libpng3-1.2.22-0.5mdv2008.0.i586.rpm\n fa0c81f2b544f65455a0e0420d9a0e56  2008.0/i586/libpng-devel-1.2.22-0.5mdv2008.0.i586.rpm\n d4d06a12fd8ee88295877e127757c64b  2008.0/i586/libpng-source-1.2.22-0.5mdv2008.0.i586.rpm\n 6687d56f95702f0e5786c885ab79c6a9  2008.0/i586/libpng-static-devel-1.2.22-0.5mdv2008.0.i586.rpm\n 546c18ed8ccf044a45dff3a8cd5ac5b7  2008.0/i586/libxulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.i586.rpm\n b428e1202d95d588fb3248c2b2fe8b2f  2008.0/i586/libxulrunner-devel-1.9.2.6-0.2mdv2008.0.i586.rpm\n b9541da4417ea1150c493aea591509bb  2008.0/i586/mozilla-thunderbird-3.0.5-0.2mdv2008.0.i586.rpm\n 3389caeeda8b8f272d0e5ed070f075b8  2008.0/i586/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.i586.rpm\n 901abb46652fbc19c8e655895181a949  2008.0/i586/nsinstall-3.0.5-0.2mdv2008.0.i586.rpm\n ad221cd523bff8f4a59037aa05e1442b  2008.0/i586/xulrunner-1.9.2.6-0.2mdv2008.0.i586.rpm \n d3dbbb58c9832db4edbc45a4023b4477  2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm\n 885dba7fe0581b37de05d20b838f279a  2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm\n 358c49e17d4db735f6862fdbee95a1c9  2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm\n 748ab46a19f1c32808bf3e79429f2211  2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 8b2eff5dd89f4ed7e3f120bbc31afa34  2008.0/x86_64/htmldoc-1.8.27-1.2mdv2008.0.x86_64.rpm\n 15460a7bce68e95d03a87eb14066728b  2008.0/x86_64/htmldoc-nogui-1.8.27-1.2mdv2008.0.x86_64.rpm\n c7577072f7ab2786a97d7df732b4299a  2008.0/x86_64/lib64png3-1.2.22-0.5mdv2008.0.x86_64.rpm\n fae36a86aa019cf0fcbcf0d15c508208  2008.0/x86_64/lib64png-devel-1.2.22-0.5mdv2008.0.x86_64.rpm\n 141ec56a2395ed150acc997eac851429  2008.0/x86_64/lib64png-static-devel-1.2.22-0.5mdv2008.0.x86_64.rpm\n a29c11e39685931084a085f5716afd5c  2008.0/x86_64/lib64xulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.x86_64.rpm\n 3a846b86c758be68420ef05e44cfe717  2008.0/x86_64/lib64xulrunner-devel-1.9.2.6-0.2mdv2008.0.x86_64.rpm\n 084f3b3d7c68806c7acfc7f3be701f0b  2008.0/x86_64/libpng-source-1.2.22-0.5mdv2008.0.x86_64.rpm\n c45f7479d93714c46d14f4ae2a5b76bd  2008.0/x86_64/mozilla-thunderbird-3.0.5-0.2mdv2008.0.x86_64.rpm\n 996e7a6a98997883236b08f6ec5816fa  2008.0/x86_64/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.x86_64.rpm\n ecfdba6225b837a7a03c2ddf0d77d07f  2008.0/x86_64/nsinstall-3.0.5-0.2mdv2008.0.x86_64.rpm\n 394d8e8458e503ed10db7c7b7f742c2b  2008.0/x86_64/xulrunner-1.9.2.6-0.2mdv2008.0.x86_64.rpm \n d3dbbb58c9832db4edbc45a4023b4477  2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm\n 885dba7fe0581b37de05d20b838f279a  2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm\n 358c49e17d4db735f6862fdbee95a1c9  2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm\n 748ab46a19f1c32808bf3e79429f2211  2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm\n\n Mandriva Linux 2009.0:\n 28b355727c0ef89be1955a18a8c4a1cf  2009.0/i586/libpng3-1.2.31-2.3mdv2009.0.i586.rpm\n bf33a24dc5144d0c2362e5c7432f9434  2009.0/i586/libpng-devel-1.2.31-2.3mdv2009.0.i586.rpm\n e331263b8ac75ddad94f6d9d06d9c802  2009.0/i586/libpng-source-1.2.31-2.3mdv2009.0.i586.rpm\n 921c4ed0268fcb932f52d299ea74a28c  2009.0/i586/libpng-static-devel-1.2.31-2.3mdv2009.0.i586.rpm \n c43df36b143f834aa7351eb6a9952897  2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm\n\n Mandriva Linux 2009.0/X86_64:\n a20b2965684ddb18b2818d618927bb9a  2009.0/x86_64/lib64png3-1.2.31-2.3mdv2009.0.x86_64.rpm\n df3bbf6f7e959aea3f6065c83ece5321  2009.0/x86_64/lib64png-devel-1.2.31-2.3mdv2009.0.x86_64.rpm\n 3c8e3469239f93a70ccbcf56ba55cfb6  2009.0/x86_64/lib64png-static-devel-1.2.31-2.3mdv2009.0.x86_64.rpm\n 740cd4b4cf0d39dd03a26f0b821cfee4  2009.0/x86_64/libpng-source-1.2.31-2.3mdv2009.0.x86_64.rpm \n c43df36b143f834aa7351eb6a9952897  2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm\n\n Mandriva Linux 2009.1:\n 127a1c180703d9c89f5f968d7262c469  2009.1/i586/libpng3-1.2.35-1.2mdv2009.1.i586.rpm\n 3bbf13f800dcbb5f4ab45ffe898f96ce  2009.1/i586/libpng-devel-1.2.35-1.2mdv2009.1.i586.rpm\n 2e369ee2602705f601d23a977c82ae8a  2009.1/i586/libpng-source-1.2.35-1.2mdv2009.1.i586.rpm\n 5784917823e881a4aa997276528bfabe  2009.1/i586/libpng-static-devel-1.2.35-1.2mdv2009.1.i586.rpm \n 6267ae8a72870fdd2a44962d987a6216  2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm\n\n Mandriva Linux 2009.1/X86_64:\n d6032db330f8b8b40af48b29fc6d3730  2009.1/x86_64/lib64png3-1.2.35-1.2mdv2009.1.x86_64.rpm\n 4aac775bc389d382f184d912ef50b0be  2009.1/x86_64/lib64png-devel-1.2.35-1.2mdv2009.1.x86_64.rpm\n fb792b3d38cf769590a2dde6ee74c755  2009.1/x86_64/lib64png-static-devel-1.2.35-1.2mdv2009.1.x86_64.rpm\n 0dfcb358ed06fe83e9621e06189aa8f9  2009.1/x86_64/libpng-source-1.2.35-1.2mdv2009.1.x86_64.rpm \n 6267ae8a72870fdd2a44962d987a6216  2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm\n\n Mandriva Linux 2010.0:\n 76ba7b51c3eda624850a8288bd182afa  2010.0/i586/libpng3-1.2.40-1.2mdv2010.0.i586.rpm\n 7a936f6a94f33f0e7ffc991ff7b4ed7f  2010.0/i586/libpng-devel-1.2.40-1.2mdv2010.0.i586.rpm\n abd9ee162933e3208918d3190c76c0af  2010.0/i586/libpng-source-1.2.40-1.2mdv2010.0.i586.rpm\n bae7010f8e07568c1a9b42e20e7ddebf  2010.0/i586/libpng-static-devel-1.2.40-1.2mdv2010.0.i586.rpm \n cc04ec15436b892a4e75f1ad18675fb6  2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm\n\n Mandriva Linux 2010.0/X86_64:\n 499b5e2707d19becfdab415a8008b122  2010.0/x86_64/lib64png3-1.2.40-1.2mdv2010.0.x86_64.rpm\n 166ca4d21e39bbb3f250806626c59154  2010.0/x86_64/lib64png-devel-1.2.40-1.2mdv2010.0.x86_64.rpm\n 1c4b4f2e79cf01a4388a2e395dd64cfa  2010.0/x86_64/lib64png-static-devel-1.2.40-1.2mdv2010.0.x86_64.rpm\n 88b678c1352aa3ed0fffb04241254128  2010.0/x86_64/libpng-source-1.2.40-1.2mdv2010.0.x86_64.rpm \n cc04ec15436b892a4e75f1ad18675fb6  2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm\n\n Mandriva Linux 2010.1:\n 349ec004acb579d4466b530bfd5fbf3d  2010.1/i586/libpng3-1.2.43-1.1mdv2010.1.i586.rpm\n d9e323791b16319728fe1486f819e59b  2010.1/i586/libpng-devel-1.2.43-1.1mdv2010.1.i586.rpm\n 3101d70a79c416392fe228d34b9ba6ff  2010.1/i586/libpng-source-1.2.43-1.1mdv2010.1.i586.rpm\n 2ff75d1339d52d859939d81994eae477  2010.1/i586/libpng-static-devel-1.2.43-1.1mdv2010.1.i586.rpm \n 0638fc23b9c5f1f7b3bcd0fdaf71bea8  2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm\n\n Mandriva Linux 2010.1/X86_64:\n 80e4392bbe0bd06b392216a6737cd37a  2010.1/x86_64/lib64png3-1.2.43-1.1mdv2010.1.x86_64.rpm\n 2d7d50b539c63cd1874ed8150d7fb84a  2010.1/x86_64/lib64png-devel-1.2.43-1.1mdv2010.1.x86_64.rpm\n 5c3793d0bc69db028ec214a6c9f67c1e  2010.1/x86_64/lib64png-static-devel-1.2.43-1.1mdv2010.1.x86_64.rpm\n 06b83b6f5050410eff5fe8a590972c18  2010.1/x86_64/libpng-source-1.2.43-1.1mdv2010.1.x86_64.rpm \n 0638fc23b9c5f1f7b3bcd0fdaf71bea8  2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm\n\n Corporate 4.0:\n be322ac5f446c26c2d0983a2d37e0c6c  corporate/4.0/i586/htmldoc-1.8.23-8.2.20060mlcs4.i586.rpm\n 71329303eddfd4af0994a708bbe4a119  corporate/4.0/i586/htmldoc-nogui-1.8.23-8.2.20060mlcs4.i586.rpm\n 1c1036be9452042cd356349d6251b697  corporate/4.0/i586/libpng3-1.2.8-1.8.20060mlcs4.i586.rpm\n e9ba6c0c604a08f555d99503ba7adb68  corporate/4.0/i586/libpng3-devel-1.2.8-1.8.20060mlcs4.i586.rpm\n 288d9ca48ea58918bdff316891f3c474  corporate/4.0/i586/libpng3-static-devel-1.2.8-1.8.20060mlcs4.i586.rpm \n 3aa4084dfc51cf4e8ba252f89d53b220  corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm\n b2449f493949c397ac345027783c1216  corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n f761706265fcbebd220b16542a742cc9  corporate/4.0/x86_64/htmldoc-1.8.23-8.2.20060mlcs4.x86_64.rpm\n 79b3189809ad9176401620a41aaa1fcd  corporate/4.0/x86_64/htmldoc-nogui-1.8.23-8.2.20060mlcs4.x86_64.rpm\n e4f9ac99ff42fbc27aae3d8942903043  corporate/4.0/x86_64/lib64png3-1.2.8-1.8.20060mlcs4.x86_64.rpm\n e26042ead39ce63ed5f4700d2e61e260  corporate/4.0/x86_64/lib64png3-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm\n 609d6dc1b8a2b5afb029505469844c4f  corporate/4.0/x86_64/lib64png3-static-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm \n 3aa4084dfc51cf4e8ba252f89d53b220  corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm\n b2449f493949c397ac345027783c1216  corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm\n\n Mandriva Enterprise Server 5:\n 282337fa9e11a04ef82464c7574591f4  mes5/i586/libpng3-1.2.31-2.3mdvmes5.1.i586.rpm\n 92c6ec861cf7da08a498576ba412e633  mes5/i586/libpng-devel-1.2.31-2.3mdvmes5.1.i586.rpm\n c9efa6abde763edff47bf0c1071c9f1a  mes5/i586/libpng-source-1.2.31-2.3mdvmes5.1.i586.rpm\n 2f5340946610590a6baec42354868888  mes5/i586/libpng-static-devel-1.2.31-2.3mdvmes5.1.i586.rpm \n 488ece2aa6a2c4dc62d4c274d64c2926  mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm\n\n Mandriva Enterprise Server 5/X86_64:\n e5f88951d2135de8587d4be94b405ce9  mes5/x86_64/lib64png3-1.2.31-2.3mdvmes5.1.x86_64.rpm\n 6b89da9eea105e65d7ae3c875c148473  mes5/x86_64/lib64png-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm\n c1e6715410bbf2081187aef6749b0e3d  mes5/x86_64/lib64png-static-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm\n cb7ef533d9966c8b531cde8a661fc0af  mes5/x86_64/libpng-source-1.2.31-2.3mdvmes5.1.x86_64.rpm \n 488ece2aa6a2c4dc62d4c274d64c2926  mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFMP2A1mqjQ0CJFipgRAjw5AKDRGlB7JGhhCobOgDXKWuKOu8Q43gCeOclX\nKlOM1C8b0XVNVFF83vXPz9A=\n=E10C\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-2249"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001805"
          },
          {
            "db": "BID",
            "id": "41174"
          },
          {
            "db": "VULHUB",
            "id": "VHN-44854"
          },
          {
            "db": "VULMON",
            "id": "CVE-2010-2249"
          },
          {
            "db": "PACKETSTORM",
            "id": "94522"
          },
          {
            "db": "PACKETSTORM",
            "id": "91973"
          },
          {
            "db": "PACKETSTORM",
            "id": "94244"
          },
          {
            "db": "PACKETSTORM",
            "id": "91619"
          },
          {
            "db": "PACKETSTORM",
            "id": "91878"
          }
        ],
        "trust": 2.52
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2010-2249",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "41174",
            "trust": 2.9
          },
          {
            "db": "SECUNIA",
            "id": "40302",
            "trust": 2.6
          },
          {
            "db": "VUPEN",
            "id": "ADV-2010-1612",
            "trust": 2.5
          },
          {
            "db": "SECUNIA",
            "id": "40472",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "41574",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "42317",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "40547",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "42314",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "40336",
            "trust": 1.8
          },
          {
            "db": "VUPEN",
            "id": "ADV-2010-2491",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2010-1837",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2010-1755",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2010-3046",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2010-1877",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2010-1637",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2010-3045",
            "trust": 1.7
          },
          {
            "db": "VUPEN",
            "id": "ADV-2010-1846",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1024723",
            "trust": 1.7
          },
          {
            "db": "XF",
            "id": "59816",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001805",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201006-491",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-44854",
            "trust": 0.1
          },
          {
            "db": "VUPEN",
            "id": "2010/1837",
            "trust": 0.1
          },
          {
            "db": "VUPEN",
            "id": "2010/3046",
            "trust": 0.1
          },
          {
            "db": "VUPEN",
            "id": "2010/3045",
            "trust": 0.1
          },
          {
            "db": "VUPEN",
            "id": "2010/1612",
            "trust": 0.1
          },
          {
            "db": "VUPEN",
            "id": "2010/2491",
            "trust": 0.1
          },
          {
            "db": "VUPEN",
            "id": "2010/1637",
            "trust": 0.1
          },
          {
            "db": "VUPEN",
            "id": "2010/1846",
            "trust": 0.1
          },
          {
            "db": "VUPEN",
            "id": "2010/1877",
            "trust": 0.1
          },
          {
            "db": "VUPEN",
            "id": "2010/1755",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2010-2249",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "94522",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "91973",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "94244",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "91619",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "91878",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-44854"
          },
          {
            "db": "VULMON",
            "id": "CVE-2010-2249"
          },
          {
            "db": "BID",
            "id": "41174"
          },
          {
            "db": "PACKETSTORM",
            "id": "94522"
          },
          {
            "db": "PACKETSTORM",
            "id": "91973"
          },
          {
            "db": "PACKETSTORM",
            "id": "94244"
          },
          {
            "db": "PACKETSTORM",
            "id": "91619"
          },
          {
            "db": "PACKETSTORM",
            "id": "91878"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201006-491"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001805"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-2249"
          }
        ]
      },
      "id": "VAR-201006-0260",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-44854"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T22:45:33.190000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "HT4456",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT4456"
          },
          {
            "title": "HT4457",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT4457"
          },
          {
            "title": "HT4554",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT4554"
          },
          {
            "title": "HT4566",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT4566"
          },
          {
            "title": "HT4435",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT4435"
          },
          {
            "title": "HT4456",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT4456?viewlocale=ja_JP"
          },
          {
            "title": "HT4457",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT4457?viewlocale=ja_JP"
          },
          {
            "title": "HT4554",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT4554?viewlocale=ja_JP"
          },
          {
            "title": "HT4566",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT4566?viewlocale=ja_JP"
          },
          {
            "title": "HT4435",
            "trust": 0.8,
            "url": "http://support.apple.com/kb/HT4435?viewlocale=ja_JP"
          },
          {
            "title": "libpng-1.2.10-7.1.3.0.1.AXS3",
            "trust": 0.8,
            "url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=1210"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.libpng.org/pub/png/libpng.html"
          },
          {
            "title": "libpng-1.2.44-README",
            "trust": 0.8,
            "url": "http://www.libpng.org/pub/png/src/libpng-1.2.44-README.txt"
          },
          {
            "title": "2078",
            "trust": 0.8,
            "url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2078"
          },
          {
            "title": "2079",
            "trust": 0.8,
            "url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2079"
          },
          {
            "title": "RHSA-2010:0534",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2010-0534.html"
          },
          {
            "title": "multiple_vulnerabilities_in_libpng",
            "trust": 0.8,
            "url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_libpng"
          },
          {
            "title": "VMSA-2010-0014",
            "trust": 0.8,
            "url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
          },
          {
            "title": "libpng-1.4.1.tar.xz",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=216"
          },
          {
            "title": "libpng-1.4.1.tar.gz",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=215"
          },
          {
            "title": "linpng_txt.zip",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=219"
          },
          {
            "title": "libpng-1.4.1.tar.bz2",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=214"
          },
          {
            "title": "lpng141.zip",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=218"
          },
          {
            "title": "lpng141.7z",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=217"
          },
          {
            "title": "Debian CVElist Bug Report Logs: libpng: CVE-2010-1205 and CVE-2010-2249",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=184c5adf52ad398a58919ac7993ba9b9"
          },
          {
            "title": "Ubuntu Security Notice: libpng vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-960-1"
          },
          {
            "title": "Debian Security Advisories: DSA-2072-1 libpng -- several vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=3e96a347c5dea429ac96a3e5e90fb285"
          },
          {
            "title": "VMware Security Advisories: VMware Workstation, Player, and ACE address several security issues.",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=b3571bd7da36d47dd9d3066ad9612f4c"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2010-2249"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201006-491"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001805"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-401",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-399",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-44854"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001805"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-2249"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.7,
            "url": "http://www.securityfocus.com/bid/41174"
          },
          {
            "trust": 2.6,
            "url": "http://secunia.com/advisories/40302"
          },
          {
            "trust": 2.6,
            "url": "http://www.vupen.com/english/advisories/2010/1612"
          },
          {
            "trust": 2.1,
            "url": "http://www.libpng.org/pub/png/libpng.html"
          },
          {
            "trust": 1.8,
            "url": "http://www.securitytracker.com/id?1024723"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/40336"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/40472"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/40547"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/41574"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/42314"
          },
          {
            "trust": 1.8,
            "url": "http://secunia.com/advisories/42317"
          },
          {
            "trust": 1.8,
            "url": "http://www.vupen.com/english/advisories/2010/1637"
          },
          {
            "trust": 1.8,
            "url": "http://www.vupen.com/english/advisories/2010/1755"
          },
          {
            "trust": 1.8,
            "url": "http://www.vupen.com/english/advisories/2010/1837"
          },
          {
            "trust": 1.8,
            "url": "http://www.vupen.com/english/advisories/2010/1846"
          },
          {
            "trust": 1.8,
            "url": "http://www.vupen.com/english/advisories/2010/1877"
          },
          {
            "trust": 1.8,
            "url": "http://www.vupen.com/english/advisories/2010/2491"
          },
          {
            "trust": 1.8,
            "url": "http://www.vupen.com/english/advisories/2010/3045"
          },
          {
            "trust": 1.8,
            "url": "http://www.vupen.com/english/advisories/2010/3046"
          },
          {
            "trust": 1.8,
            "url": "http://lists.apple.com/archives/security-announce/2010//nov/msg00000.html"
          },
          {
            "trust": 1.8,
            "url": "http://lists.apple.com/archives/security-announce/2010//nov/msg00003.html"
          },
          {
            "trust": 1.8,
            "url": "http://lists.apple.com/archives/security-announce/2011/mar/msg00000.html"
          },
          {
            "trust": 1.8,
            "url": "http://lists.apple.com/archives/security-announce/2011//mar/msg00004.html"
          },
          {
            "trust": 1.8,
            "url": "http://www.debian.org/security/2010/dsa-2072"
          },
          {
            "trust": 1.8,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-july/044283.html"
          },
          {
            "trust": 1.8,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-july/044397.html"
          },
          {
            "trust": 1.8,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:133"
          },
          {
            "trust": 1.8,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
          },
          {
            "trust": 1.8,
            "url": "http://www.ubuntu.com/usn/usn-960-1"
          },
          {
            "trust": 1.8,
            "url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
          },
          {
            "trust": 1.8,
            "url": "http://support.apple.com/kb/ht4435"
          },
          {
            "trust": 1.8,
            "url": "http://support.apple.com/kb/ht4456"
          },
          {
            "trust": 1.8,
            "url": "http://support.apple.com/kb/ht4457"
          },
          {
            "trust": 1.8,
            "url": "http://support.apple.com/kb/ht4554"
          },
          {
            "trust": 1.8,
            "url": "http://support.apple.com/kb/ht4566"
          },
          {
            "trust": 1.8,
            "url": "http://www.vmware.com/security/advisories/vmsa-2010-0014.html"
          },
          {
            "trust": 1.8,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=608644"
          },
          {
            "trust": 1.8,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59816"
          },
          {
            "trust": 1.7,
            "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3ba=commitdiff%3bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20"
          },
          {
            "trust": 1.7,
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.613061"
          },
          {
            "trust": 1.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2249"
          },
          {
            "trust": 0.8,
            "url": "http://xforce.iss.net/xforce/xfdb/59816"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu331391"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu935740"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2249"
          },
          {
            "trust": 0.7,
            "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20"
          },
          {
            "trust": 0.6,
            "url": "https://access.redhat.com/security/cve/cve-2010-2249"
          },
          {
            "trust": 0.6,
            "url": "https://access.redhat.com/errata/rhsa-2010:0534"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1205"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2249"
          },
          {
            "trust": 0.3,
            "url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_libpng"
          },
          {
            "trust": 0.3,
            "url": "https://kb.bluecoat.com/index?page=content\u0026id=sa65"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/css/p8/documents/100092842"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/css/p8/documents/100093925"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/css/p8/documents/100108439"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/css/p8/documents/100148396"
          },
          {
            "trust": 0.3,
            "url": "http://www.mozilla.org/security/announce/2010/mfsa2010-41.html"
          },
          {
            "trust": 0.3,
            "url": "http://btsc.webapps.blackberry.com/btsc/search.do?cmd=displaykc\u0026doctype=kc\u0026externalid=kb27244"
          },
          {
            "trust": 0.3,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1205"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0205"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0205"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2010\u0026amp;m=slackware-security.613061"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/401.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=587670"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/960-1/"
          },
          {
            "trust": 0.1,
            "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=22585"
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-201010-01.xml"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_hppa.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_hppa.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_arm.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mips.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_arm.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_sparc.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mipsel.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny4_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_s390.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_alpha.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mips.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_ia64.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://packages.debian.org/\u003cpkg\u003e"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_ia64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mipsel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_s390.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_alpha.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_armel.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_powerpc.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_amd64.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_i386.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_armel.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/security/advisoiries"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0434"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0425"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3277"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/download/player/"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/security"
          },
          {
            "trust": 0.1,
            "url": "http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3277"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/1055"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0434"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/download/ws/"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0425"
          },
          {
            "trust": 0.1,
            "url": "http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/support/policies/security_response.html"
          },
          {
            "trust": 0.1,
            "url": "http://downloads.vmware.com/support/player31/doc/releasenotes_player312.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/support/policies/eos.html"
          },
          {
            "trust": 0.1,
            "url": "http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html"
          },
          {
            "trust": 0.1,
            "url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/support/policies/eos_vi.html"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_i386.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42.orig.tar.bz2"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_sparc.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_lpia.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_amd64.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_lpia.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-2ubuntu2.2_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_powerpc.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.15~beta5-3ubuntu0.3_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_amd64.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.debian.tar.bz2"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_sparc.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_sparc.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_i386.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_i386.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_powerpc.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_sparc.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_amd64.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.42-1ubuntu2.1_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_i386.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_sparc.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_amd64.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_powerpc.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_powerpc.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_amd64.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_powerpc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_i386.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.diff.gz"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_lpia.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_powerpc.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.37-1ubuntu0.2_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_i386.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_sparc.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_amd64.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.6_all.deb"
          },
          {
            "trust": 0.1,
            "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.dsc"
          },
          {
            "trust": 0.1,
            "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_lpia.udeb"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-6218"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/"
          },
          {
            "trust": 0.1,
            "url": "http://store.mandriva.com/product_info.php?cpath=149\u0026products_id=490"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.1,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/advisories"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-6218"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-44854"
          },
          {
            "db": "VULMON",
            "id": "CVE-2010-2249"
          },
          {
            "db": "BID",
            "id": "41174"
          },
          {
            "db": "PACKETSTORM",
            "id": "94522"
          },
          {
            "db": "PACKETSTORM",
            "id": "91973"
          },
          {
            "db": "PACKETSTORM",
            "id": "94244"
          },
          {
            "db": "PACKETSTORM",
            "id": "91619"
          },
          {
            "db": "PACKETSTORM",
            "id": "91878"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201006-491"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001805"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-2249"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-44854",
            "ident": null
          },
          {
            "db": "VULMON",
            "id": "CVE-2010-2249",
            "ident": null
          },
          {
            "db": "BID",
            "id": "41174",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "94522",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "91973",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "94244",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "91619",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "91878",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201006-491",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001805",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2010-2249",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2010-06-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-44854",
            "ident": null
          },
          {
            "date": "2010-06-30T00:00:00",
            "db": "VULMON",
            "id": "CVE-2010-2249",
            "ident": null
          },
          {
            "date": "2010-06-25T00:00:00",
            "db": "BID",
            "id": "41174",
            "ident": null
          },
          {
            "date": "2010-10-05T22:16:57",
            "db": "PACKETSTORM",
            "id": "94522",
            "ident": null
          },
          {
            "date": "2010-07-20T00:53:34",
            "db": "PACKETSTORM",
            "id": "91973",
            "ident": null
          },
          {
            "date": "2010-09-25T18:50:30",
            "db": "PACKETSTORM",
            "id": "94244",
            "ident": null
          },
          {
            "date": "2010-07-08T21:03:46",
            "db": "PACKETSTORM",
            "id": "91619",
            "ident": null
          },
          {
            "date": "2010-07-16T04:34:46",
            "db": "PACKETSTORM",
            "id": "91878",
            "ident": null
          },
          {
            "date": "2010-06-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201006-491",
            "ident": null
          },
          {
            "date": "2010-08-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-001805",
            "ident": null
          },
          {
            "date": "2010-06-30T18:30:01.847000",
            "db": "NVD",
            "id": "CVE-2010-2249",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2023-02-13T00:00:00",
            "db": "VULHUB",
            "id": "VHN-44854",
            "ident": null
          },
          {
            "date": "2020-08-14T00:00:00",
            "db": "VULMON",
            "id": "CVE-2010-2249",
            "ident": null
          },
          {
            "date": "2015-04-13T21:46:00",
            "db": "BID",
            "id": "41174",
            "ident": null
          },
          {
            "date": "2023-04-26T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201006-491",
            "ident": null
          },
          {
            "date": "2012-03-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-001805",
            "ident": null
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2010-2249",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "91878"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201006-491"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "_id": null,
        "data": "libpng include  pngrutil.c Memory leak vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-001805"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "resource management error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201006-491"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200609-1586

    Vulnerability from variot - Updated: 2026-04-10 22:44

    OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to process when using RSA signature verification. Some applications that perform X.509 certificate verification may be vulnerable to signature processing problems that lead to resource exhaustion. This vulnerability may cause a denial of service. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability because it fails to validate the lengths of public keys being used. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. Henson recently developed an ASN.1 test suite for NISCC (www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error condition is mishandled. Certain types of public key can take disproportionate amounts of time to process.

    Any code which uses OpenSSL to parse ASN.1 data from untrusted sources is affected. This includes SSL servers which enable client authentication and S/MIME applications.

    Acknowledgements

    The OpenSSL team thank Dr S. Henson of Open Network Security and NISCC for funding the ASN.1 test suite project. An attacker could send a list of ciphers to an application that uses this function and overrun a buffer (CVE-2006-3738).

    SSLv2 Client Crash (CVE-2006-4343)

    Vulnerability

    A flaw in the SSLv2 client code was discovered.

    Recommendations

    These vulnerabilities are resolved in the following versions of OpenSSL:

    • in the 0.9.7 branch, version 0.9.7l (or later);
    • in the 0.9.8 branch, version 0.9.8d (or later).

    OpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html):

    o https://www.openssl.org/source/
    o ftp://ftp.openssl.org/source/
    

    The distribution file names are:

    o openssl-0.9.8d.tar.gz
      MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa
      SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2
    
    o openssl-0.9.7l.tar.gz
      MD5 checksum: b21d6e10817ddeccf5fbe1379987333e
      SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d
    

    The checksums were calculated using the following commands:

    openssl md5 openssl-0.9*.tar.gz
    openssl sha1 openssl-0.9*.tar.gz
    

    After upgrading make sure to recompile any applications statically linked to OpenSSL libraries and restart all applications that use OpenSSL. Incorrect permissions on SSL key files generated by vmware-config (CVE-2006-3589):

    ESX 3.0.1: does not have this problem
    ESX 3.0.0: does not have this problem
    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
    
    A possible security issue with the configuration program
    vmware-config which could set incorrect permissions on SSL key
    files. Local users may be able to obtain access to the SSL key
    files. OpenSSL library vulnerabilities:
    
    ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131
    ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097
    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
    
    (CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d
    allows remote attackers to cause a denial of service (infinite
    loop and memory consumption) via malformed ASN.1 structures that
    trigger an improperly handled error condition.
    
    (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8
    before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1
    padding before generating a hash, which allows remote attackers to
    forge a PKCS #1 v1.5 signature that is signed by that RSA key and
    prevents OpenSSL from correctly verifying X.509 and other
    certificates that use PKCS #1.
    
    (CVE-2006-4343) The get_server_hello function in the SSLv2 client
    code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and
    earlier versions allows remote servers to cause a denial of service
    (client crash) via unknown vectors that trigger a null pointer
    dereference. Updated OpenSSH package addresses the following possible security issues:
    
    ESX 3.0.1: corrected by Patch ESX-9986131
    ESX 3.0.0: corrected by Patch ESX-3069097
    ESX 2.5.4: does not have these problems
    ESX 2.5.3: does not have these problems
    ESX 2.1.3: does not have these problems
    ESX 2.0.2: does not have these problems
    
    (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly
    other versions, when using privilege separation, does not properly
    signal the non-privileged process when a session has been terminated
    after exceeding the LoginGraceTime setting, which leaves the
    connection open and allows remote attackers to cause a denial of
    service (connection consumption).
    
    (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute
    arbitrary commands via filenames that contain shell metacharacters
    or spaces, which are expanded twice.
    
    (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host
    access by numeric IP addresses and with VerifyReverseMapping
    disabled, allows remote attackers to bypass "from=" and "user@host"
    address restrictions by connecting to a host from a system whose
    reverse DNS hostname contains the numeric IP address.
    
    (CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1
    SSH protocol, allows remote attackers to cause a denial of service
    (CPU consumption) via an SSH packet that contains duplicate blocks,
    which is not properly handled by the CRC compensation attack
    detector.
    
    NOTE: ESX by default disables version 1 SSH protocol.
    
    (CVE-2006-5051) Signal handler race condition in OpenSSH before 4.4
    allows remote attackers to cause a denial of service (crash), and
    possibly execute arbitrary code if GSSAPI authentication is enabled,
    via unspecified vectors that lead to a double-free.
    
    NOTE: ESX doesn't use GSSAPI by default.
    
    (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege
    Separation Monitor in OpenSSH before 4.5 causes weaker verification
    that authentication has been successful, which might allow attackers
    to bypass authentication.
    
    NOTE: as of 20061108, it is believed that this issue is only
    exploitable by leveraging vulnerabilities in the unprivileged
    process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)
    

    files:

    ESX 3.0.1: does not have this problem
    ESX 3.0.0: does not have this problem
    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)
    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)
    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)
    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)
    
    A possible security issue with virtual disk (.vmdk or .dsk) files
    that are newly created, but contain blocks from recently deleted
    virtual disk files.  Information belonging to the previously
    deleted virtual disk files could be revealed in newly created
    virtual disk files.
    
    VMware recommends the following workaround: When creating new
    virtual machines on an ESX Server that may contain sensitive
    data, use vmkfstools with the -W option. This initializes the
    virtual disk with zeros.  NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():
    
    ESX 3.0.1: corrected by Patch ESX-9986131
    ESX 3.0.0: corrected by ESX-3069097
    ESX 2.5.4: does not have this problem
    ESX 2.5.3: does not have this problem
    ESX 2.1.3: does not have this problem
    ESX 2.0.2: does not have this problem
    
    A possible security issue with how the Python function repr()
    function handles UTF-32/UCS-4 strings.
    

    ESX 3.0.1 http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html md5usm: 239375e107fd4c7af57663f023863fcb

    ESX 3.0.0 http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html md5sum: ca9947239fffda708f2c94f519df33dc

    ESX 2.5.4 http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html md5sum: 239375e107fd4c7af57663f023863fcb

    ESX 2.5.3 http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html md5sum: f90fcab28362edbf2311f3ca90cc7739

    ESX 2.1.3 http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f

    ESX 2.0.2 http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html md5sum: 925e70f28d17714c53fdbd24de64329f

    1. References:

    ESX 3.0.0 Patch URL: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Knowledge base URL: http://kb.vmware.com/kb/3069097

    ESX 3.0.1 Patch URL: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Knowledge base URL: http://kb.vmware.com/kb/9986131

    ESX 2.5.4 Patch URL: http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html

    ESX 2.5.3 Patch URL: http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html

    ESX 2.1.3 Patch URL: http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html

    ESX 2.0.2 Patch URL: http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980

    1. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

    ~ VMware Security Advisory

    Advisory ID: VMSA-2008-0005 Synopsis: Updated VMware Workstation, VMware Player, VMware ~ Server, VMware ACE, and VMware Fusion resolve ~ critical security issues Issue date: 2008-03-17 Updated on: 2008-03-17 (initial release of advisory) CVE numbers: CVE-2008-0923 CVE-2008-0923 CVE-2008-1361 ~ CVE-2008-1362 CVE-2007-5269 CVE-2006-2940 ~ CVE-2006-2937 CVE-2006-4343 CVE-2006-4339 ~ CVE-2007-5618 CVE-2008-1364 CVE-2008-1363 ~ CVE-2008-1340


    1. Relevant releases:

    ~ VMware Workstation 6.0.2 and earlier ~ VMware Workstation 5.5.4 and earlier ~ VMware Player 2.0.2 and earlier ~ VMware Player 1.0.4 and earlier ~ VMware ACE 2.0.2 and earlier ~ VMware ACE 1.0.2 and earlier ~ VMware Server 1.0.4 and earlier ~ VMware Fusion 1.1 and earlier

    1. Problem description:

    ~ a. Host to guest shared folder (HGFS) traversal vulnerability

    ~ On Windows hosts, if you have configured a VMware host to guest ~ shared folder (HGFS), it is possible for a program running in the ~ guest to gain access to the host's file system and create or modify ~ executable files in sensitive locations.

    NOTE: VMware Server is not affected because it doesn't use host to ~ guest shared folders. No versions of ESX Server, including ~ ESX Server 3i, are affected by this vulnerability. Because ~ ESX Server is based on a bare-metal hypervisor architecture ~ and not a hosted architecture, and it doesn't include any ~ shared folder abilities. Fusion and Linux based hosted ~ products are unaffected.

    ~ VMware would like to thank CORE Security Technologies for ~ working with us on this issue. This addresses advisory ~ CORE-2007-0930.

    ~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2008-0923 to this issue.

    ~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)

    ~ b. Insecure named pipes

    ~ An internal security audit determined that a malicious Windows ~ user could attain and exploit LocalSystem privileges by causing ~ the authd process to connect to a named pipe that is opened and ~ controlled by the malicious user.

    ~ The same internal security audit determined that a malicious ~ Windows user could exploit an insecurely created named pipe ~ object to escalate privileges or create a denial of service ~ attack. In this situation, the malicious user could ~ successfully impersonate authd and attain privileges under ~ which Authd is executing.

    ~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the names CVE-2008-1361, CVE-2008-1362 to these ~ issues.

    ~ Windows Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)

    ~ c. Updated libpng library to version 1.2.22 to address various ~ security vulnerabilities

    ~ Several flaws were discovered in the way libpng handled various PNG ~ image chunks. An attacker could create a carefully crafted PNG ~ image file in such a way that it could cause an application linked ~ with libpng to crash when the file was manipulated.

    ~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ has assigned the name CVE-2007-5269 to this issue.

    ~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)

    ~ NOTE: Fusion is not affected by this issue.

    ~ d. Updated OpenSSL library to address various security vulnerabilities

    ~ Updated OpenSSL fixes several security flaws were discovered ~ in previous versions of OpenSSL.

    ~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the following names to these issues: CVE-2006-2940, ~ CVE-2006-2937, CVE-2006-4343, CVE-2006-4339.

    ~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)

    ~ NOTE: Fusion is not affected by this issue.

    ~ e. VIX API default setting changed to a more secure default value

    ~ Workstation 6.0.2 allowed anonymous console access to the guest by ~ means of the VIX API. This release, Workstation 6.0.3, disables ~ this feature. This means that the Eclipse Integrated Virtual ~ Debugger and the Visual Studio Integrated Virtual Debugger will now ~ prompt for user account credentials to access a guest.

    ~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)

    ~ f. Windows 2000 based hosted products privilege escalation ~ vulnerability

    ~ This release addresses a potential privilege escalation on ~ Windows 2000 hosted products. Certain services may be improperly ~ registered and present a security vulnerability to Windows 2000 ~ machines.

    ~ VMware would like to thank Ray Hicken for reporting this issue and ~ David Maciejak for originally pointing out these types of ~ vulnerabilities.

    ~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2007-5618 to this issue.

    ~ Windows versions of Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)

    ~ NOTE: Fusion and Linux based products are not affected by this ~ issue.

    ~ g.

    ~ VMware would like to thank Martin O'Neal for reporting this issue.

    ~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1364 to this issue.

    ~ Hosted products ~ --------------- ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846) ~ VMware Fusion 1.1 upgrade to version 1.1.1 (Build# 72241)

    ~ NOTE: This issue doesn't affect the latest versions of VMware ~ Workstation 6, VMware Player 2, and ACE 2 products.

    ~ h. Local Privilege Escalation on Windows based platforms by ~ Hijacking VMware VMX configuration file

    ~ VMware uses a configuration file named "config.ini" which ~ is located in the application data directory of all users. ~ By manipulating this file, a user could gain elevated ~ privileges by hijacking the VMware VMX process.

    ~ VMware would like to thank Sun Bing for reporting the issue.

    ~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1363 to this issue.

    ~ Windows based Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware Player 1.0 upgrade to version 1.0.6 (Build# 80404) ~ VMware Server 1.0 upgrade to version 1.0.5 (Build# 80187) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004) ~ VMware ACE 1.0 upgrade to version 1.0.5 (Build# 79846)

    ~ i. Virtual Machine Communication Interface (VMCI) memory corruption ~ resulting in denial of service

    ~ VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, ~ and VMware ACE 2.0. It is an experimental, optional feature and ~ it may be possible to crash the host system by making specially ~ crafted calls to the VMCI interface.

    ~ VMware would like to thank Andrew Honig of the Department of ~ Defense for reporting this issue.

    ~ The Common Vulnerabilities and Exposures project (cve.mitre.org) ~ assigned the name CVE-2008-1340 to this issue.

    ~ Hosted products ~ --------------- ~ VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004) ~ VMware Player 2.0 upgrade to version 2.0.3 (Build# 80004) ~ VMware ACE 2.0 upgrade to version 2.0.1 (Build# 80004)

    1. Solution:

    Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.

    ~ VMware Workstation 6.0.3 ~ ------------------------ ~ http://www.vmware.com/download/ws/ ~ Release notes: ~ http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html ~ Windows binary ~ md5sum: 323f054957066fae07735160b73b91e5 ~ RPM Installation file for 32-bit Linux ~ md5sum: c44183ad11082f05593359efd220944e ~ tar Installation file for 32-bit Linux ~ md5sum: 57601f238106cb12c1dea303ad1b4820 ~ RPM Installation file for 64-bit Linux ~ md5sum: e9ba644be4e39556724fa2901c5e94e9 ~ tar Installation file for 64-bit Linux ~ md5sum: d8d423a76f99a94f598077d41685e9a9

    ~ VMware Workstation 5.5.5 ~ ------------------------ ~ http://www.vmware.com/download/ws/ws5.html ~ Release notes: ~ http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html ~ Windows binary ~ md5sum: 9c2dd94db5eed93d7f64e8d6ba8d8bd3 ~ Compressed Tar archive for 32-bit Linux ~ md5sum: 77401c0842a151f0b2db0b4fcb0d16eb ~ Linux RPM version for 32-bit Linux ~ md5sum: c222b6db934deb9c1bb79b16b25a3202

    ~ VMware Server 1.0.5 ~ ------------------- ~ http://www.vmware.com/download/server/ ~ Release notes: ~ http://www.vmware.com/support/server/doc/releasenotes_server.html ~ VMware Server for Windows 32-bit and 64-bit ~ md5sum: 3c4a57310c55e17bf8e4a1059d5b36cc ~ VMware Server Windows client package ~ md5sum: cb3dd2439203dc510f4d95f06ba59d21 ~ VMware Server for Linux ~ md5sum: 161dcbe5af9bbd9834a86bf7c599903e ~ VMware Server for Linux rpm ~ md5sum: fc3b81ed18b53eda943a992971e9f84a ~ Management Interface ~ md5sum: dd10d25895d9994bd27ca896152f48ef ~ VMware Server Linux client package ~ md5sum: aae18f1f7b8811b5499e3a358754d4f8

    ~ VMware ACE 2.0.3 and 1.0.5 ~ -------------------------- ~ http://www.vmware.com/download/ace/ ~ Windows Release notes: ~ http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html

    ~ VMware Fusion 1.1.1 ~ ------------------- ~ http://www.vmware.com/download/fusion/ ~ Release notes: ~ http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html ~ md5sum: 38e116ec26b30e7a6ac47c249ef650d0

    ~ VMware Player 2.0.3 and 1.0.6 ~ ---------------------- ~ http://www.vmware.com/download/player/ ~ Release notes Player 1.x: ~ http://www.vmware.com/support/player/doc/releasenotes_player.html ~ Release notes Player 2.0 ~ http://www.vmware.com/support/player2/doc/releasenotes_player2.html ~ 2.0.3 Windows binary ~ md5sum: 0c5009d3b569687ae139e13d24c868d3 ~ VMware Player 2.0.3 for Linux (.rpm) ~ md5sum: 53502b2112a863356dcd13dd0d8dd8f2 ~ VMware Player 2.0.3 for Linux (.tar) ~ md5sum: 2305fcff49bef6e4ad83742412eac978 ~ VMware Player 2.0.3 - 64-bit (.rpm) ~ md5sum: cf945b571c4d96146ede010286fdfca5 ~ VMware Player 2.0.3 - 64-bit (.tar) ~ md5sum: f99c5b293eb87c5f918ad24111565b9f ~ 1.0.6 Windows binary ~ md5sum: 895081406c4de5361a1700ec0473e49c ~ Player 1.0.6 for Linux (.rpm) ~ md5sum: 8adb23799dd2014be0b6d77243c76942 ~ Player 1.0.6 for Linux (.tar) ~ md5sum: c358f8e1387fb60863077d6f8a9f7b3f

    1. References:

    ~ CVE numbers ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363 ~ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340


    1. Contact:

    E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

    This Security Advisory is posted to the following lists:

    ~ * security-announce@lists.vmware.com ~ * bugtraq@securityfocus.com ~ * full-disclosure@lists.grok.org.uk

    E-mail: security@vmware.com

    Security web site http://www.vmware.com/security

    VMware security response policy http://www.vmware.com/support/policies/security_response.html

    General support life cycle policy http://www.vmware.com/support/policies/eos.html

    VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html

    Copyright 2008 VMware Inc. All rights reserved.

    -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)

    iD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv Cv8MnL2bYPyDfYQ3f4IUL+w= =tFXS -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    SUPPORT COMMUNICATION - SECURITY BULLETIN

    Document ID: c00967144 Version: 1

    HPSBTU02207 SSRT061213, SSRT061239, SSRT071304 rev.1 - HP Tru64 UNIX SSL and BIND Remote Arbitrary Code Execution or Denial of Service (DoS)

    NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

    References: VU#547300, VU#386964, CAN-2006-4339, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738 (SSL) VU#697164, VU#915404, CVE-2007-0493, CVE-2007-0494 (BIND)

    SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. The following supported software versions are affected: HP Tru64 UNIX v 5.1B-4 (SSL and BIND) HP Tru64 UNIX v 5.1B-3 (SSL and BIND) HP Tru64 UNIX v 5.1A PK6 (BIND) HP Tru64 UNIX v 4.0G PK4 (BIND) HP Tru64 UNIX v 4.0F PK8 (BIND) Internet Express (IX) v 6.6 BIND (BIND) HP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL)

    BACKGROUND

    RESOLUTION

    HP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities.

    The fixes contained in the ERP kits will be available in the following mainstream releases: -Targeted for availability in HP Tru64 UNIX v 5.1B-5 -Internet Express (IX) v 6.7 -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available)

    HP Tru64 UNIX Version 5.1B-4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 Name: T64KIT1001167-V51BB27-ES-20070321 MD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd

    HP Tru64 UNIX Version 5.1B-3 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 Name: T64KIT1001163-V51BB26-ES-20070315 MD5 Checksum: d376d403176f0dbe7badd4df4e91c126

    HP Tru64 UNIX Version 5.1A PK6 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 Name: T64KIT1001160-V51AB24-ES-20070314 MD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7

    HP Tru64 UNIX Version 4.0G PK4 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 Name: T64KIT1001166-V40GB22-ES-20070316 MD5 Checksum: a446c39169b769c4a03c654844d5ac45

    HP Tru64 UNIX Version 4.0F PK8 ERP Kit Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 Name: DUXKIT1001165-V40FB22-ES-20070316 MD5 Checksum: 718148c87a913536b32a47af4c36b04e

    HP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) Location: http://h30097.www3.hp.com/cma/patches.html Name: CPQIM360.SSL.01.tar.gz MD5 Checksum: 1001a10ab642461c87540826dfe28652

    Internet Express (IX) v 6.6 BIND Note: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version.

    PRODUCT SPECIFIC INFORMATION

    The HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches: -OpenSSL 0.9.8d -BIND 9.2.8 built with OpenSSL 0.9.8d

    Note: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d

    Customers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version.

    The HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4.

    HISTORY Version:1 (rev.1) - 12 April 2007 Initial release

    Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

    Support: For further information, contact normal HP Services support channel.

    Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key

    Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.

    To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.

    To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do

    • The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:

    GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault

    System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

    "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."

    \xa9Copyright 2007 Hewlett-Packard Development Company, L.P.

    Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. rPath Security Advisory: 2006-0175-1 Published: 2006-09-28 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1 openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1

    References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343 http://issues.rpath.com/browse/RPL-613

    Description: Previous versions of the openssl package are vulnerable to multiple attacks. In particular, any connection that the mysql daemon will accept may be vulnerable. In the default configuration of mysql, that would be a local unauthorized access vulnerability, but mysql can be configured to listen for network connections from remote hosts, which would then enable remote unauthorized access. Any program that calls the SSL_get_shared_ciphers() function may be vulnerable.


    Full-Disclosure - We believe in it.


    References: [0] http://www.openssl.org/news/secadv_20060928.txt [1] http://www.openssl.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343


    For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG openpkg@openpkg.org" (ID 63C4CB9F) of the OpenPKG project which you can retrieve from http://pgp.openpkg.org and hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org for details on how to verify the integrity of this advisory. --WfZ7S8PLGjBY9Voh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline


    Gentoo Linux Security Advisory GLSA 200610-11


                                            http://security.gentoo.org/
    

    Severity: High Title: OpenSSL: Multiple vulnerabilities Date: October 24, 2006 Bugs: #145510 ID: 200610-11


    Synopsis

    OpenSSL contains multiple vulnerabilities including the possible remote execution of arbitrary code.

    Background

    OpenSSL is a toolkit implementing the Secure Sockets Layer, Transport Layer Security protocols and a general-purpose cryptography library. Additionally Dr.

    Workaround

    There is no known workaround at this time.

    Resolution

    All OpenSSL 0.9.8 users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.8d"
    

    All OpenSSL 0.9.7 users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-libs/openssl-0.9.7l"
    

    References

    [ 1 ] CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 [ 2 ] CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 [ 3 ] CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 [ 4 ] CVE-2006-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-200610-11.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

    License

    Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.


    References:

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343


    Updated Packages:

    Mandriva Linux 2006.0: 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 8291bde3bd9aa95533aabc07280203b8 2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm

    Mandriva Linux 2006.0/X86_64: b2ce6e6bb7e3114663d3a074d0cc7da5 2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm f7c8dbc2eda0c90547d43661454d1068 2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 7c9ebd9f9179f4e93627dcf0f3442335 2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm 17e2d82c3f6c0afbf48eccbfbcc17b55 2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm 8c3f89e1900f069d4a4ad3162a9f7d78 2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm 3a68c653ba0339ba99162459385c72e2 2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm 6ce5832a59b8b67425cb7026ea9dc876 2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm 52b3fbfc1389bcd73e406d6ff741e9dc 2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm

    Mandriva Linux 2007.0: 1bfeff47c8d2f6c020c459881be68207 2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm 1e1a4db54ddfaedb08a6d847422099ff 2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm 59c80405f33b2e61ffd3cef025635e21 2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm 3a6657970a2e7661bd869d221a69c8da 2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm

    Mandriva Linux 2007.0/X86_64: af679c647d97214244a8423dc1a766b7 2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm d7b1ed07df4115b3bcc3907e00d25a89 2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 5bd3ece2c0ec7a3201c29fa84e25a75a 2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm 9b028020dba009eddbf06eeb8607b87f 2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm aad29e57ddceb66105af5d6434de9a62 2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm

    Corporate 3.0: c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 98a925c5ba2ecc9d704b1e730035755e corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm 151493a50693e3b9cc67bfafadb9ce42 corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm 82b4709bdbb9128746887013a724356a corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm

    Corporate 3.0/X86_64: 01a922d80d6fc9d1b36dde15ee27747e corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm 30268f0b70862d1f5998694ac8b4addc corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm e0388ff1efa34ea55d033e95b4e9bb63 corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm c99ea58f6f4959a4c36398cc6b2b4ee2 corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm 83759622f0cc8ea9c0f6d32671283354 corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm a5bdbe6afa52005a734dc18aa951677d corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm

    Corporate 4.0: 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm d8477333b67ec3a36ba46c50e6183993 corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm

    Corporate 4.0/X86_64: 746e5e916d1e05379373138a5db20923 corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm a2b1d750075a32fe8badbdf1f7febafe corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 47c464cf890a004f772c1db3e839fa12 corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm 6d71d2358738be9967b2dfe19d3642f1 corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm 22890554d3096ce596eeec7393ee3fcf corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 679fe740859fa35b2bb77b19c4a0e787 corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm 1030a6124a9fa4fd5a41bdff077301bf corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm b65dbbd9fb3d74d302478640476a2cd2 corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm

    Multi Network Firewall 2.0: 19055eda58e1f75814e594ce7709a710 mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm abfe548617969f619aec5b0e807f1f67 mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm 92e7515c9125367a79fdb490f5b39cd4 mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm 847eecb1d07e4cab3d1de1452103c3a0 mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm b6b67fa82d7119cde7ab7816aed17059 mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm


    To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

    gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

    You can view other update advisories for Mandriva Linux at:

    http://www.mandriva.com/security/advisories

    If you want to report vulnerabilities, please contact

    security_(at)_mandriva.com


    Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)

    iD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0 wB09L3fylyiHgrXvSV6VL7A= =/+dm -----END PGP SIGNATURE-----

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 4.0,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 3.2,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 3.2,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 3.2,
            "vendor": "openpkg",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 3.2,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 3.2,
            "vendor": "red hat",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 3.2,
            "vendor": "suse linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 3.2,
            "vendor": "slackware linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 3.2,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 3.2,
            "vendor": "rpath",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "trustix secure linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "f5",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "apple computer",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "gnutls",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "mandriva",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "sun microsystems",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "vmware",
            "version": null
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.3"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.1c"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.5"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.3a"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.5a"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.2b"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "openssl",
            "version": "0.9.4"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7b"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.6l"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.6k"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7f"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7g"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.6i"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.6a"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.6b"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.6m"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8b"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7a"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.6g"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.6e"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.6f"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7h"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7k"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.6d"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.6h"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.6c"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7e"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7c"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7i"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8c"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.8a"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7j"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.6j"
          },
          {
            "_id": null,
            "model": "openssl",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "openssl",
            "version": "0.9.7d"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openbsd",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "appgate network security",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "attachmatewrq",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "blue coat",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "iaik java group",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "internet consortium",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "intoto",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mozilla",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openwall gnu linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "opera",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "rsa security",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ssh security corp",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sybase",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "vandyke",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "stonesoft",
            "version": null
          },
          {
            "_id": null,
            "model": "hat red hat network satellite server",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "red",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": null,
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "css11500 content services switch s",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "7.30"
          },
          {
            "_id": null,
            "model": "css11500 content services switch s",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "7.20"
          },
          {
            "_id": null,
            "model": "wide area file services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "fast360",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arkoon",
            "version": "3.0/32"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.7"
          },
          {
            "_id": null,
            "model": "wireless control system software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "call manager sr2c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.2"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "_id": null,
            "model": "fast360",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arkoon",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "enterprise linux es ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.5"
          },
          {
            "_id": null,
            "model": "server b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.16"
          },
          {
            "_id": null,
            "model": "project openssl g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "computing snapgear sg565",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openbsd",
            "version": "3.9"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.2"
          },
          {
            "_id": null,
            "model": "ciscoworks common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.6(0)"
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.3"
          },
          {
            "_id": null,
            "model": "appliance server hosting edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "secure access control server",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.2"
          },
          {
            "_id": null,
            "model": "s8500 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.2"
          },
          {
            "_id": null,
            "model": "fuji",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r1.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "bind a5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r4.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.1.0"
          },
          {
            "_id": null,
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "76650"
          },
          {
            "_id": null,
            "model": "fast360",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arkoon",
            "version": "4.0/3"
          },
          {
            "_id": null,
            "model": "css11500 content services switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.4"
          },
          {
            "_id": null,
            "model": "fast360",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arkoon",
            "version": "4.0/2"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "project openssl b-36.8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.0"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(1)"
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.00"
          },
          {
            "_id": null,
            "model": "works common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.6(1)"
          },
          {
            "_id": null,
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "232"
          },
          {
            "_id": null,
            "model": "s8700 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "s8300 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.2"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "_id": null,
            "model": "linux professional oss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "bind -p1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.6"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "8"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.9"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.3"
          },
          {
            "_id": null,
            "model": "linux professional x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "secure linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "suse linux retail solution",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "appliance server workgroup edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.1"
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.11"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r5.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "player build",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.680404"
          },
          {
            "_id": null,
            "model": "wide area application services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "s8710 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "server c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "hardware management console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.7"
          },
          {
            "_id": null,
            "model": "karagulle cwrsync",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "tevfik",
            "version": "2.0.9"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2007.0"
          },
          {
            "_id": null,
            "model": "grid engine update5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "suse linux standard server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r5.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "workstation build",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "6.0.380004"
          },
          {
            "_id": null,
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.7"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2006.0"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.1"
          },
          {
            "_id": null,
            "model": "workstation build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "5.5.334685"
          },
          {
            "_id": null,
            "model": "grid engine update7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "hardware management console",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.2.1"
          },
          {
            "_id": null,
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.2.0"
          },
          {
            "_id": null,
            "model": "bind rc3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.7"
          },
          {
            "_id": null,
            "model": "bind b1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.7"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "server 0.9.1b",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "_id": null,
            "model": "player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.4"
          },
          {
            "_id": null,
            "model": "download accelarator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "prozilla",
            "version": "1.4.0"
          },
          {
            "_id": null,
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "call manager es32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "call manager 4.1 sr4",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "karagulle cwrsync",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "tevfik",
            "version": "2.0.10"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.6"
          },
          {
            "_id": null,
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1-1"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.14"
          },
          {
            "_id": null,
            "model": "project openssl g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "open-enterprise-server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "0"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.2"
          },
          {
            "_id": null,
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.8"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2.1"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.9"
          },
          {
            "_id": null,
            "model": "server a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.2"
          },
          {
            "_id": null,
            "model": "propack sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sgi",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "bind a4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "computing snapgear sg560",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "_id": null,
            "model": "suse linux school server for i386",
            "scope": null,
            "trust": 0.3,
            "vendor": "s u s e",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "grid engine sun linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r2.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.2"
          },
          {
            "_id": null,
            "model": "current",
            "scope": null,
            "trust": 0.3,
            "vendor": "openpkg",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.7"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.4"
          },
          {
            "_id": null,
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "grid engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3x86"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.0.2.0"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.6.0"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "server 0.8.6a",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "_id": null,
            "model": "-release-p3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r3.2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.10"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "linux professional x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "bind rc2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.7"
          },
          {
            "_id": null,
            "model": "linux ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "fast360",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arkoon",
            "version": "3.0/31"
          },
          {
            "_id": null,
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "firewalll",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(3)"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r3.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "multi network firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "workstation build",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "5.5.680404"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "bind a1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.7"
          },
          {
            "_id": null,
            "model": "bind rc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.7"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "1"
          },
          {
            "_id": null,
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "bind rc3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.3"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "_id": null,
            "model": "call manager sr2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.5"
          },
          {
            "_id": null,
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.2.0.1"
          },
          {
            "_id": null,
            "model": "call manager sr2b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0.0.201"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r3.6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "_id": null,
            "model": "call manager es07",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "95000"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r2.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.4"
          },
          {
            "_id": null,
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "275"
          },
          {
            "_id": null,
            "model": "ace",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.5"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2006.0"
          },
          {
            "_id": null,
            "model": "workstation",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "6.0.3"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openbsd",
            "version": "3.8"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(0)"
          },
          {
            "_id": null,
            "model": "ons ios-based blades",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15454"
          },
          {
            "_id": null,
            "model": "operating system enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.7"
          },
          {
            "_id": null,
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "232"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "76550"
          },
          {
            "_id": null,
            "model": "wireless control system software",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r2.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.3"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.2"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.3"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "igateway vpn/ssl-vpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "intoto",
            "version": "0"
          },
          {
            "_id": null,
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "245"
          },
          {
            "_id": null,
            "model": "grid engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.5"
          },
          {
            "_id": null,
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.5"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "_id": null,
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.17"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.4.3"
          },
          {
            "_id": null,
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1"
          },
          {
            "_id": null,
            "model": "player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.5"
          },
          {
            "_id": null,
            "model": "financials server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "navision",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "bind rc2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.3"
          },
          {
            "_id": null,
            "model": "player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r3.3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.4"
          },
          {
            "_id": null,
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "265"
          },
          {
            "_id": null,
            "model": "intuity lx",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "linux personal oss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.1.2"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0(1)"
          },
          {
            "_id": null,
            "model": "amc",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arkoon",
            "version": "1.0/6"
          },
          {
            "_id": null,
            "model": "unified presence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.0(2)"
          },
          {
            "_id": null,
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.0.1"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.1.3"
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.1"
          },
          {
            "_id": null,
            "model": "access registrar",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.7.1"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r3.2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2(3)"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.9"
          },
          {
            "_id": null,
            "model": "server 0.9.4d",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "_id": null,
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "project openssl f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "grid engine update7 1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.2"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.2"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.11",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.4"
          },
          {
            "_id": null,
            "model": "bind -p2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.6"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.4"
          },
          {
            "_id": null,
            "model": "bind a2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "_id": null,
            "model": "call manager es40",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.19"
          },
          {
            "_id": null,
            "model": "call manager es50",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "novell linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "amc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arkoon",
            "version": "1.0/5"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.3"
          },
          {
            "_id": null,
            "model": "workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "5.5.4"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.1"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.1.7"
          },
          {
            "_id": null,
            "model": "groupware server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kolab",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.1"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.6"
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1.659"
          },
          {
            "_id": null,
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": "converged communications server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "reflection for secure it sp1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "attachmate",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "filezilla",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "2.2.22"
          },
          {
            "_id": null,
            "model": "bind a3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "ace",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r3.3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "reflection for secure it",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "attachmate",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "6.0.2"
          },
          {
            "_id": null,
            "model": "grid engine update1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5"
          },
          {
            "_id": null,
            "model": "css11500 content services switch",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "s8500 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.4"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.2"
          },
          {
            "_id": null,
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44900"
          },
          {
            "_id": null,
            "model": "s8700 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.1"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.23",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl beta2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "255"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.2"
          },
          {
            "_id": null,
            "model": "call manager es56",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.0"
          },
          {
            "_id": null,
            "model": "groupware server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kolab",
            "version": "2.0.3"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0x86"
          },
          {
            "_id": null,
            "model": "predictive dialing system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "11.11"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.9"
          },
          {
            "_id": null,
            "model": "bind -p1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.2"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.12"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r1.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.5"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "personal",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "_id": null,
            "model": "unitedlinux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.3"
          },
          {
            "_id": null,
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "1.4.1"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.3"
          },
          {
            "_id": null,
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "predictive dialer",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.3.3.1"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(2)"
          },
          {
            "_id": null,
            "model": "project openssl f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.0"
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "works common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "-release-p20",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "_id": null,
            "model": "bind b3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "linux personal x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "grid engine update2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.3"
          },
          {
            "_id": null,
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.8"
          },
          {
            "_id": null,
            "model": "appliance server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.3"
          },
          {
            "_id": null,
            "model": "bind b1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.3"
          },
          {
            "_id": null,
            "model": "red hat network satellite (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4)5.1"
          },
          {
            "_id": null,
            "model": "filezilla",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "2.2.15"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "secure linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "security mars",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2.2"
          },
          {
            "_id": null,
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4480"
          },
          {
            "_id": null,
            "model": "call manager sr1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "unified presence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "predictive dialing system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.4"
          },
          {
            "_id": null,
            "model": "project openssl l",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "ons",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154548.0"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r4.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.5"
          },
          {
            "_id": null,
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.0.2.2"
          },
          {
            "_id": null,
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.13"
          },
          {
            "_id": null,
            "model": "insight management agents for tru64 unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.5.2"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "call manager es33",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "5.5.5"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "ace",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.2.3"
          },
          {
            "_id": null,
            "model": "s8300 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.3.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4.1"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.5"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.8"
          },
          {
            "_id": null,
            "model": "f...",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.3"
          },
          {
            "_id": null,
            "model": "-prerelease",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.0"
          },
          {
            "_id": null,
            "model": "beta11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "ssl360",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arkoon",
            "version": "2.0/2"
          },
          {
            "_id": null,
            "model": "grid engine 32-bit sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.6"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.3.1"
          },
          {
            "_id": null,
            "model": "enterprise linux ws ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.0.2.1"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r3.6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "s8710 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.2"
          },
          {
            "_id": null,
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "filezilla",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "2.2.28"
          },
          {
            "_id": null,
            "model": "fast360",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arkoon",
            "version": "4.0/4"
          },
          {
            "_id": null,
            "model": "bind rc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.3"
          },
          {
            "_id": null,
            "model": "bind b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.3"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.31",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "novell linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "linux personal x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.9"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r3.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.4"
          },
          {
            "_id": null,
            "model": "computing snapgear sg710",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.3"
          },
          {
            "_id": null,
            "model": "call manager es62",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "solaris 9 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "workstation build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "5.5.444386"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.3.132"
          },
          {
            "_id": null,
            "model": "fast360",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arkoon",
            "version": "4.0/5"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.2"
          },
          {
            "_id": null,
            "model": "css11500 content services switch s",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "download accelarator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "prozilla",
            "version": "1.2.1"
          },
          {
            "_id": null,
            "model": "groupware server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kolab",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.1"
          },
          {
            "_id": null,
            "model": "bind b1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "fast360",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arkoon",
            "version": "4.0/1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "255"
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "secure acs build",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(1)23"
          },
          {
            "_id": null,
            "model": "player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.2"
          },
          {
            "_id": null,
            "model": "sip proxy server",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "238"
          },
          {
            "_id": null,
            "model": "openvms secure web server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "project openssl k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "enterprise linux as ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "server b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.1.3"
          },
          {
            "_id": null,
            "model": "ace",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.0.3"
          },
          {
            "_id": null,
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "275"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.3"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "bind b2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "grid engine update3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "s8500",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "_id": null,
            "model": "project openssl beta3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.0.2"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1.639"
          },
          {
            "_id": null,
            "model": "workcentre pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "245"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.5"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.9"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.2"
          },
          {
            "_id": null,
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.1.0.4"
          },
          {
            "_id": null,
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "workstation build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "5.5.342958"
          },
          {
            "_id": null,
            "model": "messaging storage server mm3.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "grid engine 64-bit sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "s8500 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "s8710 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "advanced workstation for the itanium processor ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "hat red hat network satellite server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1.79"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.7"
          },
          {
            "_id": null,
            "model": "grid engine update4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "_id": null,
            "model": "ons mspp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154540"
          },
          {
            "_id": null,
            "model": "5.4-stable",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.3.30"
          },
          {
            "_id": null,
            "model": "project openssl j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "project openssl d",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.3.728"
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.3(1)"
          },
          {
            "_id": null,
            "model": "linux -current",
            "scope": null,
            "trust": 0.3,
            "vendor": "slackware",
            "version": null
          },
          {
            "_id": null,
            "model": "bind -p2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.2"
          },
          {
            "_id": null,
            "model": "grid engine update6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "home",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.4"
          },
          {
            "_id": null,
            "model": "bind a6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.3"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r2.1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.3"
          },
          {
            "_id": null,
            "model": "tru64 b-4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4.1"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "call manager es55",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0"
          },
          {
            "_id": null,
            "model": "css11500 content services switch",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.5"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "server 0.9.4e",
            "scope": null,
            "trust": 0.3,
            "vendor": "filezilla",
            "version": null
          },
          {
            "_id": null,
            "model": "player build",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.0.380004"
          },
          {
            "_id": null,
            "model": "tru64 b-3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1.657"
          },
          {
            "_id": null,
            "model": "secure enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.3.1"
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "project openssl k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "advanced workstation for the itanium processor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "265"
          },
          {
            "_id": null,
            "model": "call manager es24",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.1"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.2"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.3"
          },
          {
            "_id": null,
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44910"
          },
          {
            "_id": null,
            "model": "s8300 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "computing snapgear u2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "secure",
            "version": "3.1.4"
          },
          {
            "_id": null,
            "model": "novell linux pos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154542.3(5)"
          },
          {
            "_id": null,
            "model": "ssl360",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arkoon",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "ftp server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "serv u",
            "version": "6.01"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.1"
          },
          {
            "_id": null,
            "model": "intrusion detection system 4.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl beta1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "filezilla",
            "version": "0.8.5"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "download accelarator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "prozilla",
            "version": "1.3.2"
          },
          {
            "_id": null,
            "model": "solaris 10 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "s8700 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "computing snapgear sg580",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.4"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.1.3"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.8"
          },
          {
            "_id": null,
            "model": "ons 15454e optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.1-1"
          },
          {
            "_id": null,
            "model": "application control engine module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.1"
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2.1"
          },
          {
            "_id": null,
            "model": "solaris 9 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44920"
          },
          {
            "_id": null,
            "model": "project openssl l",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "suse linux openexchange server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "workcentre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xerox",
            "version": "238"
          },
          {
            "_id": null,
            "model": "player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.5"
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.2"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2007.0"
          },
          {
            "_id": null,
            "model": "server build",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.580187"
          },
          {
            "_id": null,
            "model": "ons mstp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154540"
          },
          {
            "_id": null,
            "model": "project openssl j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "ssl360",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arkoon",
            "version": "2.0/3"
          },
          {
            "_id": null,
            "model": "multimedia",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0(2)"
          },
          {
            "_id": null,
            "model": "peoplesoft enterprise peopletools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.48"
          },
          {
            "_id": null,
            "model": "peoplesoft enterprise peopletools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.47"
          },
          {
            "_id": null,
            "model": "peoplesoft enterprise peopletools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.22"
          },
          {
            "_id": null,
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.8"
          },
          {
            "_id": null,
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.7"
          },
          {
            "_id": null,
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.6"
          },
          {
            "_id": null,
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.0.5"
          },
          {
            "_id": null,
            "model": "oracle9i standard edition fips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "_id": null,
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "_id": null,
            "model": "oracle9i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.4"
          },
          {
            "_id": null,
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.8"
          },
          {
            "_id": null,
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.7"
          },
          {
            "_id": null,
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.6"
          },
          {
            "_id": null,
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.0.5"
          },
          {
            "_id": null,
            "model": "oracle9i personal edition fips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "_id": null,
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "_id": null,
            "model": "oracle9i personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.4"
          },
          {
            "_id": null,
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.8.0"
          },
          {
            "_id": null,
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.7.0"
          },
          {
            "_id": null,
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.6.0"
          },
          {
            "_id": null,
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.0.5"
          },
          {
            "_id": null,
            "model": "oracle9i enterprise edition fips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "_id": null,
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.5"
          },
          {
            "_id": null,
            "model": "oracle9i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1.4"
          },
          {
            "_id": null,
            "model": "oracle8i standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.1.7.4"
          },
          {
            "_id": null,
            "model": "oracle8i enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.1.7.4.0"
          },
          {
            "_id": null,
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.3"
          },
          {
            "_id": null,
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.2"
          },
          {
            "_id": null,
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.1"
          },
          {
            "_id": null,
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.4.2"
          },
          {
            "_id": null,
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.5"
          },
          {
            "_id": null,
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.4"
          },
          {
            "_id": null,
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3.1"
          },
          {
            "_id": null,
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3"
          },
          {
            "_id": null,
            "model": "oracle10g standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.2"
          },
          {
            "_id": null,
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.3"
          },
          {
            "_id": null,
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.2"
          },
          {
            "_id": null,
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.1"
          },
          {
            "_id": null,
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.4"
          },
          {
            "_id": null,
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3.1"
          },
          {
            "_id": null,
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3"
          },
          {
            "_id": null,
            "model": "oracle10g personal edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.2"
          },
          {
            "_id": null,
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.3"
          },
          {
            "_id": null,
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.2"
          },
          {
            "_id": null,
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.1"
          },
          {
            "_id": null,
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.4"
          },
          {
            "_id": null,
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3.1"
          },
          {
            "_id": null,
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.3"
          },
          {
            "_id": null,
            "model": "oracle10g enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.0.2"
          },
          {
            "_id": null,
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.3.4.0"
          },
          {
            "_id": null,
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.3.0.0"
          },
          {
            "_id": null,
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.2.2.0"
          },
          {
            "_id": null,
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.2.1.0"
          },
          {
            "_id": null,
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.2.0.2"
          },
          {
            "_id": null,
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.2.0.1"
          },
          {
            "_id": null,
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.2"
          },
          {
            "_id": null,
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.2"
          },
          {
            "_id": null,
            "model": "oracle10g application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.1"
          },
          {
            "_id": null,
            "model": "identity management 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.4.0.1"
          },
          {
            "_id": null,
            "model": "9i application server release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.0.2.2"
          },
          {
            "_id": null,
            "model": "enterprise manager grid control 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.2.1"
          },
          {
            "_id": null,
            "model": "enterprise manager grid control 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.5"
          },
          {
            "_id": null,
            "model": "enterprise manager grid control 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.4"
          },
          {
            "_id": null,
            "model": "enterprise manager grid control 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.3"
          },
          {
            "_id": null,
            "model": "e-business suite 11i cu2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.10"
          },
          {
            "_id": null,
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.10"
          },
          {
            "_id": null,
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.9"
          },
          {
            "_id": null,
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.8"
          },
          {
            "_id": null,
            "model": "e-business suite 11i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.5.7"
          },
          {
            "_id": null,
            "model": "e-business suite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "developer suite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "10.1.2.0.2"
          },
          {
            "_id": null,
            "model": "developer suite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.3"
          },
          {
            "_id": null,
            "model": "developer suite 6i",
            "scope": null,
            "trust": 0.3,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": "application server release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "210.1.2.0.2"
          },
          {
            "_id": null,
            "model": "application server release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "210.1.2.0.1"
          },
          {
            "_id": null,
            "model": "application server release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "210.1.2.0.0"
          },
          {
            "_id": null,
            "model": "application server release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "29.0.2.3"
          },
          {
            "_id": null,
            "model": "application server 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.3"
          },
          {
            "_id": null,
            "model": "application server 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.2"
          },
          {
            "_id": null,
            "model": "application server 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4.1"
          },
          {
            "_id": null,
            "model": "application server 10g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.4"
          },
          {
            "_id": null,
            "model": "oracle for openview for linux ltu",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "0"
          },
          {
            "_id": null,
            "model": "oracle for openview",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "oracle for openview",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "8.1.7"
          },
          {
            "_id": null,
            "model": "oracle for openview",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#423396"
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#221788"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20247"
          },
          {
            "db": "BID",
            "id": "22083"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-533"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-2940"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Andy Davis advisories@irmplc.com Vicente Aguilera Diaz vaguilera@isecauditors.com Esteban Martinez FayoTony FogartyOliver Karow Oliver.karow@gmx.de Joxean Koret joxeankoret@yahoo.es Alexander Kornbrust ak@red-database-security.com David Litchfield",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-533"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2006-2940",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2006-2940",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2006-2940",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#423396",
                "trust": 0.8,
                "value": "7.92"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#386964",
                "trust": 0.8,
                "value": "0.32"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#221788",
                "trust": 0.8,
                "value": "4.20"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#845620",
                "trust": 0.8,
                "value": "7.56"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#547300",
                "trust": 0.8,
                "value": "2.53"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200609-533",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#423396"
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#221788"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-533"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-2940"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) \"public exponent\" or (2) \"public modulus\" values in X.509 certificates that require extra time to process when using RSA signature verification. Some applications that perform X.509 certificate verification may be vulnerable to signature processing problems that lead to resource exhaustion.  This vulnerability may cause a denial of service. The Oracle SYS.DBMS_AQ package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL is prone to a denial-of-service vulnerability because it fails to validate the lengths of public keys being used. Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. \nThe issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. Henson recently developed an ASN.1 test suite for NISCC\n(www.niscc.gov.uk). During the parsing of certain invalid ASN.1 structures an error\ncondition is mishandled. Certain types of public key can take disproportionate amounts of\ntime to process. \n\nAny code which uses OpenSSL to parse ASN.1 data from untrusted sources\nis affected. This includes SSL servers which enable client\nauthentication and S/MIME applications. \n\nAcknowledgements\n----------------\n\nThe OpenSSL team thank Dr S. Henson of Open Network Security and NISCC\nfor funding the ASN.1 test suite project.  An attacker could send a list of ciphers to an\napplication that uses this function and overrun a buffer\n(CVE-2006-3738). \n\n\nSSLv2 Client Crash (CVE-2006-4343)\n==================================\n\nVulnerability\n-------------\n\nA flaw in the SSLv2 client code was discovered. \n\n\nRecommendations\n===============\n\nThese vulnerabilities are resolved in the following versions of OpenSSL:\n\n   - in the 0.9.7 branch, version 0.9.7l (or later);\n   - in the 0.9.8 branch, version 0.9.8d (or later). \n\nOpenSSL 0.9.8d and OpenSSL 0.9.7l are available for download via\nHTTP and FTP from the following master locations (you can find the\nvarious FTP mirrors under https://www.openssl.org/source/mirror.html):\n\n    o https://www.openssl.org/source/\n    o ftp://ftp.openssl.org/source/\n\nThe distribution file names are:\n\n    o openssl-0.9.8d.tar.gz\n      MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa\n      SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2\n\n    o openssl-0.9.7l.tar.gz\n      MD5 checksum: b21d6e10817ddeccf5fbe1379987333e\n      SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d\n    \nThe checksums were calculated using the following commands:\n\n    openssl md5 openssl-0.9*.tar.gz\n    openssl sha1 openssl-0.9*.tar.gz\n\nAfter upgrading make sure to recompile any applications statically\nlinked to OpenSSL libraries and restart all applications that use\nOpenSSL. Incorrect permissions on SSL key files generated  by vmware-config\n(CVE-2006-3589):\n\n    ESX 3.0.1: does not have this problem\n    ESX 3.0.0: does not have this problem\n    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n    A possible security issue with the configuration program\n    vmware-config which could set incorrect permissions on SSL key\n    files. Local users may be able to obtain access to the SSL key\n    files. OpenSSL library vulnerabilities:\n\n    ESX 3.0.1: corrected by ESX 3.0.1 Patch ESX-9986131\n    ESX 3.0.0: corrected by ESX 3.0.0 Patch ESX-3069097\n    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n    (CVE-2006-2937) OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d\n    allows remote attackers to cause a denial of service (infinite\n    loop and memory consumption) via malformed ASN.1 structures that\n    trigger an improperly handled error condition. \n\n    (CVE-2006-4339) OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8\n    before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1\n    padding before generating a hash, which allows remote attackers to\n    forge a PKCS #1 v1.5 signature that is signed by that RSA key and\n    prevents OpenSSL from correctly verifying X.509 and other\n    certificates that use PKCS #1. \n\n    (CVE-2006-4343) The get_server_hello function in the SSLv2 client\n    code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and\n    earlier versions allows remote servers to cause a denial of service\n    (client crash) via unknown vectors that trigger a null pointer\n    dereference. Updated OpenSSH package addresses the following possible security issues:\n\n    ESX 3.0.1: corrected by Patch ESX-9986131\n    ESX 3.0.0: corrected by Patch ESX-3069097\n    ESX 2.5.4: does not have these problems\n    ESX 2.5.3: does not have these problems\n    ESX 2.1.3: does not have these problems\n    ESX 2.0.2: does not have these problems\n\n    (CVE-2004-2069) sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly\n    other versions, when using privilege separation, does not properly\n    signal the non-privileged process when a session has been terminated\n    after exceeding the LoginGraceTime setting, which leaves the\n    connection open and allows remote attackers to cause a denial of\n    service (connection consumption). \n\n    (CVE-2006-0225) scp in OpenSSH 4.2p1 allows attackers to execute\n    arbitrary commands via filenames that contain shell metacharacters\n    or spaces, which are expanded twice. \n\n    (CVE-2003-0386) OpenSSH 3.6.1 and earlier, when restricting host\n    access by numeric IP addresses and with VerifyReverseMapping\n    disabled, allows remote attackers to bypass \"from=\" and \"user@host\"\n    address restrictions by connecting to a host from a system whose\n    reverse DNS hostname contains the numeric IP address. \n\n    (CVE-2006-4924) sshd in OpenSSH before 4.4, when using the version 1\n    SSH protocol, allows remote attackers to cause a denial of service\n    (CPU consumption) via an SSH packet that contains duplicate blocks,\n    which is not properly handled by the CRC compensation attack\n    detector. \n\n    NOTE: ESX by default disables version 1 SSH protocol. \n\n    (CVE-2006-5051) Signal handler race condition in OpenSSH before 4.4\n    allows remote attackers to cause a denial of service (crash), and\n    possibly execute arbitrary code if GSSAPI authentication is enabled,\n    via unspecified vectors that lead to a double-free. \n\n    NOTE: ESX doesn\u0027t use GSSAPI by default. \n\n    (CVE-2006-5794) Unspecified vulnerability in the sshd Privilege\n    Separation Monitor in OpenSSH before 4.5 causes weaker verification\n    that authentication has been successful, which might allow attackers\n    to bypass authentication. \n\n    NOTE: as of 20061108, it is believed that this issue is only\n    exploitable by leveraging vulnerabilities in the unprivileged\n    process, which are not known to exist. Object reuse problems with newly created virtual disk (.vmdk or .dsk)\nfiles:\n\n    ESX 3.0.1: does not have this problem\n    ESX 3.0.0: does not have this problem\n    ESX 2.5.4: corrected by ESX 2.5.4 Upgrade Patch 3 (Build# 36502)\n    ESX 2.5.3: corrected by ESX 2.5.3 Upgrade Patch 6 (Build# 35703)\n    ESX 2.1.3: corrected by ESX 2.1.3 Upgrade Patch 4 (Build# 35803)\n    ESX 2.0.2: corrected by ESX 2.0.2 Upgrade Patch 4 (Build# 35801)\n\n    A possible security issue with virtual disk (.vmdk or .dsk) files\n    that are newly created, but contain blocks from recently deleted\n    virtual disk files.  Information belonging to the previously\n    deleted virtual disk files could be revealed in newly created\n    virtual disk files. \n\n    VMware recommends the following workaround: When creating new\n    virtual machines on an ESX Server that may contain sensitive\n    data, use vmkfstools with the -W option. This initializes the\n    virtual disk with zeros.  NOTE: ESX 3.x defines this option as -w. Buffer overflow in Python function repr():\n\n    ESX 3.0.1: corrected by Patch ESX-9986131\n    ESX 3.0.0: corrected by ESX-3069097\n    ESX 2.5.4: does not have this problem\n    ESX 2.5.3: does not have this problem\n    ESX 2.1.3: does not have this problem\n    ESX 2.0.2: does not have this problem\n\n    A possible security issue with how the Python function repr()\n    function handles UTF-32/UCS-4 strings. \n\n  ESX 3.0.1\n  http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\n  md5usm: 239375e107fd4c7af57663f023863fcb\n\n  ESX 3.0.0\n  http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\n  md5sum: ca9947239fffda708f2c94f519df33dc\n\n  ESX 2.5.4\n  http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n  md5sum: 239375e107fd4c7af57663f023863fcb\n\n  ESX 2.5.3\n  http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n  md5sum: f90fcab28362edbf2311f3ca90cc7739\n\n  ESX 2.1.3\n  http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n  md5sum: 7d7d0e40f4dccd5ca64b9c13a856da8f\n\n  ESX 2.0.2\n  http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n  md5sum: 925e70f28d17714c53fdbd24de64329f\n\n\n5. References:\n\nESX 3.0.0 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\nKnowledge base URL:  http://kb.vmware.com/kb/3069097\n\nESX 3.0.1 Patch URL:\nhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\nKnowledge base URL:  http://kb.vmware.com/kb/9986131\n\nESX 2.5.4 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html\n\nESX 2.5.3 Patch URL:\nhttp://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html\n\nESX 2.1.3 Patch URL:\nhttp://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html\n\nESX 2.0.2 Patch URL:\nhttp://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3589\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980\n\n6. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n- -------------------------------------------------------------------\n~                   VMware Security Advisory\n\nAdvisory ID:       VMSA-2008-0005\nSynopsis:          Updated VMware Workstation, VMware Player, VMware\n~                   Server, VMware ACE, and VMware Fusion resolve\n~                   critical security issues\nIssue date:        2008-03-17\nUpdated on:        2008-03-17 (initial release of advisory)\nCVE numbers:       CVE-2008-0923 CVE-2008-0923 CVE-2008-1361\n~                   CVE-2008-1362 CVE-2007-5269 CVE-2006-2940\n~                   CVE-2006-2937 CVE-2006-4343 CVE-2006-4339\n~                   CVE-2007-5618 CVE-2008-1364 CVE-2008-1363\n~                   CVE-2008-1340\n- -------------------------------------------------------------------\n\n1. \n\n2. Relevant releases:\n\n~   VMware Workstation 6.0.2 and earlier\n~   VMware Workstation 5.5.4 and earlier\n~   VMware Player 2.0.2 and earlier\n~   VMware Player 1.0.4 and earlier\n~   VMware ACE 2.0.2 and earlier\n~   VMware ACE 1.0.2 and earlier\n~   VMware Server 1.0.4 and earlier\n~   VMware Fusion 1.1 and earlier\n\n3. Problem description:\n\n~ a.  Host to guest shared folder (HGFS) traversal vulnerability\n\n~     On Windows hosts, if you have configured a VMware host to guest\n~     shared folder (HGFS), it is possible for a program running in the\n~     guest to gain access to the host\u0027s file system and create or modify\n~     executable files in sensitive locations. \n\nNOTE: VMware Server is not affected because it doesn\u0027t use host to\n~      guest shared folders.  No versions of ESX Server, including\n~      ESX Server 3i, are affected by this vulnerability.  Because\n~      ESX Server is based on a bare-metal hypervisor architecture\n~      and not a hosted architecture, and it doesn\u0027t include any\n~      shared folder abilities.  Fusion and Linux based hosted\n~      products are unaffected. \n\n~     VMware would like to thank CORE Security Technologies for\n~     working with us on this issue.  This addresses advisory\n~     CORE-2007-0930. \n\n~     The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~     has assigned the name CVE-2008-0923 to this issue. \n\n~     Hosted products\n~     ---------------\n~     VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~     VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~     VMware Player      2.0 upgrade to version 2.0.3 (Build# 80004)\n~     VMware Player      1.0 upgrade to version 1.0.6 (Build# 80404)\n~     VMware ACE         2.0 upgrade to version 2.0.1 (Build# 80004)\n~     VMware ACE         1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ b.  Insecure named pipes\n\n~     An internal security audit determined that a malicious Windows\n~     user could attain and exploit LocalSystem privileges by causing\n~     the authd process to connect to a named pipe that is opened and\n~     controlled by the malicious user. \n\n~     The same internal security audit determined that a malicious\n~     Windows user could exploit an insecurely created named pipe\n~     object to escalate privileges or create a denial of service\n~     attack.  In this situation, the malicious user could\n~     successfully impersonate authd and attain privileges under\n~     which Authd is executing. \n\n~     The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~     has assigned the names CVE-2008-1361, CVE-2008-1362 to these\n~     issues. \n\n~     Windows Hosted products\n~     ---------------\n~     VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~     VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~     VMware Player      2.0 upgrade to version 2.0.3 (Build# 80004)\n~     VMware Player      1.0 upgrade to version 1.0.6 (Build# 80404)\n~     VMware Server      1.0 upgrade to version 1.0.5 (Build# 80187)\n~     VMware ACE         2.0 upgrade to version 2.0.1 (Build# 80004)\n~     VMware ACE         1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ c.  Updated libpng library to version 1.2.22 to address various\n~     security vulnerabilities\n\n~     Several flaws were discovered in the way libpng handled various PNG\n~     image chunks. An attacker could create a carefully crafted PNG\n~     image file in such a way that it could cause an application linked\n~     with libpng to crash when the file was manipulated. \n\n~     The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~     has assigned the name CVE-2007-5269 to this issue. \n\n~     Hosted products\n~     ---------------\n~     VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~     VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~     VMware Player      2.0 upgrade to version 2.0.3 (Build# 80004)\n~     VMware Player      1.0 upgrade to version 1.0.6 (Build# 80404)\n~     VMware Server      1.0 upgrade to version 1.0.5 (Build# 80187)\n~     VMware ACE         2.0 upgrade to version 2.0.1 (Build# 80004)\n~     VMware ACE         1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~     NOTE: Fusion is not affected by this issue. \n\n~ d.  Updated OpenSSL library to address various security vulnerabilities\n\n~     Updated OpenSSL fixes several security flaws were discovered\n~     in previous versions of OpenSSL. \n\n~     The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~     assigned the following names to these issues: CVE-2006-2940,\n~     CVE-2006-2937, CVE-2006-4343, CVE-2006-4339. \n\n~     Hosted products\n~     ---------------\n~     VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~     VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~     VMware Player      2.0 upgrade to version 2.0.3 (Build# 80004)\n~     VMware Player      1.0 upgrade to version 1.0.6 (Build# 80404)\n~     VMware Server      1.0 upgrade to version 1.0.5 (Build# 80187)\n~     VMware ACE         2.0 upgrade to version 2.0.1 (Build# 80004)\n~     VMware ACE         1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~     NOTE: Fusion is not affected by this issue. \n\n~ e.  VIX API default setting changed to a more secure default value\n\n~     Workstation 6.0.2 allowed anonymous console access to the guest by\n~     means of the VIX API. This release, Workstation 6.0.3, disables\n~     this feature. This means that the Eclipse Integrated Virtual\n~     Debugger and the Visual Studio Integrated Virtual Debugger will now\n~     prompt for user account credentials to access a guest. \n\n~     Hosted products\n~     ---------------\n~     VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~     VMware Player      2.0 upgrade to version 2.0.3 (Build# 80004)\n~     VMware ACE         2.0 upgrade to version 2.0.1 (Build# 80004)\n\n~ f.  Windows 2000 based hosted products privilege escalation\n~     vulnerability\n\n~     This release addresses a potential privilege escalation on\n~     Windows 2000 hosted products.  Certain services may be improperly\n~     registered and present a security vulnerability to Windows 2000\n~     machines. \n\n~     VMware would like to thank Ray Hicken for reporting this issue and\n~     David Maciejak for originally pointing out these types of\n~     vulnerabilities. \n\n~     The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~     assigned the name CVE-2007-5618 to this issue. \n\n~     Windows versions of Hosted products\n~     ---------------\n~     VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~     VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~     VMware Player      2.0 upgrade to version 2.0.3 (Build# 80004)\n~     VMware Player      1.0 upgrade to version 1.0.6 (Build# 80404)\n~     VMware Server      1.0 upgrade to version 1.0.5 (Build# 80187)\n~     VMware ACE         2.0 upgrade to version 2.0.1 (Build# 80004)\n~     VMware ACE         1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~     NOTE: Fusion and Linux based products are not affected by this\n~           issue. \n\n~ g. \n\n~     VMware would like to thank Martin O\u0027Neal for reporting this issue. \n\n~     The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~     assigned the name CVE-2008-1364 to this issue. \n\n~     Hosted products\n~     ---------------\n~     VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~     VMware Player      1.0 upgrade to version 1.0.6 (Build# 80404)\n~     VMware Server      1.0 upgrade to version 1.0.5 (Build# 80187)\n~     VMware ACE         1.0 upgrade to version 1.0.5 (Build# 79846)\n~     VMware Fusion      1.1 upgrade to version 1.1.1 (Build# 72241)\n\n~     NOTE: This issue doesn\u0027t affect the latest versions of VMware\n~           Workstation 6, VMware Player 2, and ACE 2 products. \n\n~ h.  Local Privilege Escalation on Windows based platforms by\n~     Hijacking VMware VMX configuration file\n\n~     VMware uses a configuration file named \"config.ini\" which\n~     is located in the application data directory of all users. \n~     By manipulating this file, a user could gain elevated\n~     privileges by hijacking the VMware VMX process. \n\n~     VMware would like to thank Sun Bing for reporting the issue. \n\n~     The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~     assigned the name CVE-2008-1363 to this issue. \n\n~     Windows based Hosted products\n~     ---------------\n~     VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~     VMware Workstation 5.5 upgrade to version 5.5.6 (Build# 80404)\n~     VMware Player      2.0 upgrade to version 2.0.3 (Build# 80004)\n~     VMware Player      1.0 upgrade to version 1.0.6 (Build# 80404)\n~     VMware Server      1.0 upgrade to version 1.0.5 (Build# 80187)\n~     VMware ACE         2.0 upgrade to version 2.0.1 (Build# 80004)\n~     VMware ACE         1.0 upgrade to version 1.0.5 (Build# 79846)\n\n~ i.  Virtual Machine Communication Interface (VMCI) memory corruption\n~     resulting in denial of service\n\n~     VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0,\n~     and VMware ACE 2.0.  It is an experimental, optional feature and\n~     it may be possible to crash the host system by making specially\n~     crafted calls to the VMCI interface. \n\n~     VMware would like to thank Andrew Honig of the Department of\n~     Defense for reporting this issue. \n\n~     The Common Vulnerabilities and Exposures project (cve.mitre.org)\n~     assigned the name CVE-2008-1340 to this issue. \n\n~     Hosted products\n~     ---------------\n~     VMware Workstation 6.0 upgrade to version 6.0.3 (Build# 80004)\n~     VMware Player      2.0 upgrade to version 2.0.3 (Build# 80004)\n~     VMware ACE         2.0 upgrade to version 2.0.1 (Build# 80004)\n\n4. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n~  VMware Workstation 6.0.3\n~  ------------------------\n~  http://www.vmware.com/download/ws/\n~  Release notes:\n~  http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html\n~  Windows binary\n~  md5sum:  323f054957066fae07735160b73b91e5\n~  RPM Installation file for 32-bit Linux\n~  md5sum:  c44183ad11082f05593359efd220944e\n~  tar Installation file for 32-bit Linux\n~  md5sum:  57601f238106cb12c1dea303ad1b4820\n~  RPM Installation file for 64-bit Linux\n~  md5sum:  e9ba644be4e39556724fa2901c5e94e9\n~  tar Installation file for 64-bit Linux\n~  md5sum:  d8d423a76f99a94f598077d41685e9a9\n\n~  VMware Workstation 5.5.5\n~  ------------------------\n~  http://www.vmware.com/download/ws/ws5.html\n~  Release notes:\n~  http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html\n~  Windows binary\n~  md5sum:  9c2dd94db5eed93d7f64e8d6ba8d8bd3\n~  Compressed Tar archive for 32-bit Linux\n~  md5sum:  77401c0842a151f0b2db0b4fcb0d16eb\n~  Linux RPM version for 32-bit Linux\n~  md5sum:  c222b6db934deb9c1bb79b16b25a3202\n\n~  VMware Server 1.0.5\n~  -------------------\n~  http://www.vmware.com/download/server/\n~  Release notes:\n~  http://www.vmware.com/support/server/doc/releasenotes_server.html\n~  VMware Server for Windows 32-bit and 64-bit\n~  md5sum:  3c4a57310c55e17bf8e4a1059d5b36cc\n~  VMware Server Windows client package\n~  md5sum:  cb3dd2439203dc510f4d95f06ba59d21\n~  VMware Server for Linux\n~  md5sum:  161dcbe5af9bbd9834a86bf7c599903e\n~  VMware Server for Linux rpm\n~  md5sum:  fc3b81ed18b53eda943a992971e9f84a\n~  Management Interface\n~  md5sum:  dd10d25895d9994bd27ca896152f48ef\n~  VMware Server Linux client package\n~  md5sum:  aae18f1f7b8811b5499e3a358754d4f8\n\n~  VMware ACE 2.0.3 and 1.0.5\n~  --------------------------\n~  http://www.vmware.com/download/ace/\n~  Windows Release notes:\n~  http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html\n\n~  VMware Fusion 1.1.1\n~  -------------------\n~  http://www.vmware.com/download/fusion/\n~  Release notes:\n~  http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html\n~  md5sum:  38e116ec26b30e7a6ac47c249ef650d0\n\n~  VMware Player 2.0.3 and 1.0.6\n~  ----------------------\n~  http://www.vmware.com/download/player/\n~  Release notes Player 1.x:\n~  http://www.vmware.com/support/player/doc/releasenotes_player.html\n~  Release notes Player 2.0\n~  http://www.vmware.com/support/player2/doc/releasenotes_player2.html\n~  2.0.3 Windows binary\n~  md5sum:  0c5009d3b569687ae139e13d24c868d3\n~  VMware Player 2.0.3 for Linux (.rpm)\n~  md5sum:  53502b2112a863356dcd13dd0d8dd8f2\n~  VMware Player 2.0.3 for Linux (.tar)\n~  md5sum:  2305fcff49bef6e4ad83742412eac978\n~  VMware Player 2.0.3 - 64-bit (.rpm)\n~  md5sum:  cf945b571c4d96146ede010286fdfca5\n~  VMware Player 2.0.3 - 64-bit (.tar)\n~  md5sum:  f99c5b293eb87c5f918ad24111565b9f\n~  1.0.6 Windows binary\n~  md5sum:  895081406c4de5361a1700ec0473e49c\n~  Player 1.0.6 for Linux (.rpm)\n~  md5sum:  8adb23799dd2014be0b6d77243c76942\n~  Player 1.0.6 for Linux (.tar)\n~  md5sum:  c358f8e1387fb60863077d6f8a9f7b3f\n\n5. References:\n\n~   CVE numbers\n~   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923\n~   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1361\n~   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1362\n~   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269\n~   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n~   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n~   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n~   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339\n~   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5618\n~   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1364\n~   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1363\n~   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1340\n\n- -------------------------------------------------------------------\n6. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n~  * security-announce@lists.vmware.com\n~  * bugtraq@securityfocus.com\n~  * full-disclosure@lists.grok.org.uk\n\nE-mail:  security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc.  All rights reserved. \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFH3yTxS2KysvBH1xkRCHq8AJ0QOMocv/gSz/hgdojA39PGVO6pUACePCRv\nCv8MnL2bYPyDfYQ3f4IUL+w=\n=tFXS\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00967144\nVersion: 1\n\nHPSBTU02207 SSRT061213, SSRT061239, SSRT071304 rev.1 - HP Tru64 UNIX SSL and BIND Remote Arbitrary Code Execution or Denial of Service (DoS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nReferences: VU#547300, VU#386964, CAN-2006-4339, CVE-2006-2937, CVE-2006-2940, CVE-2006-3738 (SSL) \nVU#697164, VU#915404, CVE-2007-0493, CVE-2007-0494 (BIND) \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nThe following supported software versions are affected: \nHP Tru64 UNIX v 5.1B-4 (SSL and BIND) \nHP Tru64 UNIX v 5.1B-3 (SSL and BIND) \nHP Tru64 UNIX v 5.1A PK6 (BIND) \nHP Tru64 UNIX v 4.0G PK4 (BIND) \nHP Tru64 UNIX v 4.0F PK8 (BIND) \nInternet Express (IX) v 6.6 BIND (BIND) \nHP Insight Management Agents for Tru64 UNIX patch v 3.5.2 and earlier (SSL) \n\nBACKGROUND\n\nRESOLUTION\n\nHP has released the following Early Release Patch kits (ERPs) publicly for use by any customer. The ERP kits use dupatch to install and will not install over any Customer Specific Patches (CSPs) that have file intersections with the ERP. A new patch version for HP Insight Management Agents for Tru64 UNIX is also available that addresses the potential vulnerabilities. \n\nThe fixes contained in the ERP kits will be available in the following mainstream releases:\n -Targeted for availability in HP Tru64 UNIX v 5.1B-5 \n -Internet Express (IX) v 6.7 \n -HP Insight Management Agents for Tru64 UNIX patch v 3.6.1 (already available) \n\nHP Tru64 UNIX Version 5.1B-4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001167-V51BB27-ES-20070321 \nName: T64KIT1001167-V51BB27-ES-20070321\nMD5 Checksum: a697a90bd0b1116b6f27d1100bbf81fd\n \nHP Tru64 UNIX Version 5.1B-3 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001163-V51BB26-ES-20070315 \nName: T64KIT1001163-V51BB26-ES-20070315\nMD5 Checksum: d376d403176f0dbe7badd4df4e91c126\n \nHP Tru64 UNIX Version 5.1A PK6 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001160-V51AB24-ES-20070314 \nName: T64KIT1001160-V51AB24-ES-20070314\nMD5 Checksum: 7bb43ef667993f7c4711b6cf978e0aa7\n \nHP Tru64 UNIX Version 4.0G PK4 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001166-V40GB22-ES-20070316 \nName: T64KIT1001166-V40GB22-ES-20070316\nMD5 Checksum: a446c39169b769c4a03c654844d5ac45\n \nHP Tru64 UNIX Version 4.0F PK8 ERP Kit \nLocation: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1001165-V40FB22-ES-20070316 \nName: DUXKIT1001165-V40FB22-ES-20070316\nMD5 Checksum: 718148c87a913536b32a47af4c36b04e\n \nHP Insight Management Agents for Tru64 UNIX patch version 3.6.1 (for kit CPQIIM360) \nLocation: http://h30097.www3.hp.com/cma/patches.html \nName: CPQIM360.SSL.01.tar.gz\nMD5 Checksum: 1001a10ab642461c87540826dfe28652\n \nInternet Express (IX) v 6.6 BIND \nNote: Customers who use Internet Express (IX) v 6.6 BIND should install the BIND 9.2.8 patch from the ERP kit appropriate for their base operating system version. \n \n\n\nPRODUCT SPECIFIC INFORMATION \n\nThe HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 ERP kits distribute two patches:\n -OpenSSL 0.9.8d \n -BIND 9.2.8 built with OpenSSL 0.9.8d \n\nNote: HP Tru64 UNIX v 5.1A, v 4.0G, and v 4.0F releases did not distribute OpenSSL and so their ERP kits provide only the BIND 9.2.8 patch that has been built with OpenSSL 0.9.8d\n\nCustomers who have been using OpenSSL on HP Tru64 UNIX v 5.1B-3 and v 5.1B-4 should install the OpenSSL patch from the ERP kit appropriate for their base operating system version. \n\nThe HP Insight Management Agents for Tru64 UNIX patch contains OpenSSL 0.9.8d and is applicable for HP Tru64 UNIX v 5.1A, v 5.1B-3, and v 5.1B-4. \n\nHISTORY \nVersion:1 (rev.1) - 12 April 2007 Initial release \n\nThird Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n  To: security-alert@hp.com \n  Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n  - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n  - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n \nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. rPath Security Advisory: 2006-0175-1\nPublished: 2006-09-28\nProducts: rPath Linux 1\nRating: Major\nExposure Level Classification:\n    Remote Deterministic Unauthorized Access\nUpdated Versions:\n    openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n    openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.4-1\n\nReferences:\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n    http://issues.rpath.com/browse/RPL-613\n\nDescription:\n    Previous versions of the openssl package are vulnerable to multiple\n    attacks. \n    In particular, any connection that the mysql daemon will accept\n    may be vulnerable.  In the default configuration of mysql, that\n    would be a local unauthorized access vulnerability, but mysql can\n    be configured to listen for network connections from remote hosts,\n    which would then enable remote unauthorized access.  Any program\n    that calls the SSL_get_shared_ciphers() function may be vulnerable. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \n________________________________________________________________________\n\nReferences:\n  [0] http://www.openssl.org/news/secadv_20060928.txt \n  [1] http://www.openssl.org/\n  [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n  [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n  [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n  [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n________________________________________________________________________\n\nFor security reasons, this advisory was digitally signed with the\nOpenPGP public key \"OpenPKG \u003copenpkg@openpkg.org\u003e\" (ID 63C4CB9F) of the\nOpenPKG project which you can retrieve from http://pgp.openpkg.org and\nhkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org\nfor details on how to verify the integrity of this advisory. \n--WfZ7S8PLGjBY9Voh\nContent-Type: text/plain; charset=us-ascii\nContent-Disposition: inline\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 200610-11\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n  Severity: High\n     Title: OpenSSL: Multiple vulnerabilities\n      Date: October 24, 2006\n      Bugs: #145510\n        ID: 200610-11\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenSSL contains multiple vulnerabilities including the possible remote\nexecution of arbitrary code. \n\nBackground\n==========\n\nOpenSSL is a toolkit implementing the Secure Sockets Layer, Transport\nLayer Security protocols and a general-purpose cryptography library. Additionally Dr. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL 0.9.8 users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.8d\"\n\nAll OpenSSL 0.9.7 users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask --oneshot --verbose \"\u003e=dev-libs/openssl-0.9.7l\"\n\nReferences\n==========\n\n  [ 1 ] CVE-2006-2937\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n  [ 2 ] CVE-2006-2940\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n  [ 3 ] CVE-2006-3738\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n  [ 4 ] CVE-2006-4343\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n  http://security.gentoo.org/glsa/glsa-200610-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2006 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2006.0:\n 17e2d82c3f6c0afbf48eccbfbcc17b55  2006.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78  2006.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2  2006.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 8291bde3bd9aa95533aabc07280203b8  2006.0/i586/openssl-0.9.7g-2.4.20060mdk.i586.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc  2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n b2ce6e6bb7e3114663d3a074d0cc7da5  2006.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mdk.x86_64.rpm\n f7c8dbc2eda0c90547d43661454d1068  2006.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 7c9ebd9f9179f4e93627dcf0f3442335  2006.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.x86_64.rpm\n 17e2d82c3f6c0afbf48eccbfbcc17b55  2006.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mdk.i586.rpm\n 8c3f89e1900f069d4a4ad3162a9f7d78  2006.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 3a68c653ba0339ba99162459385c72e2  2006.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mdk.i586.rpm\n 6ce5832a59b8b67425cb7026ea9dc876  2006.0/x86_64/openssl-0.9.7g-2.4.20060mdk.x86_64.rpm \n 52b3fbfc1389bcd73e406d6ff741e9dc  2006.0/SRPMS/openssl-0.9.7g-2.4.20060mdk.src.rpm\n\n Mandriva Linux 2007.0:\n 1bfeff47c8d2f6c020c459881be68207  2007.0/i586/libopenssl0.9.8-0.9.8b-2.1mdv2007.0.i586.rpm\n 1e1a4db54ddfaedb08a6d847422099ff  2007.0/i586/libopenssl0.9.8-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 59c80405f33b2e61ffd3cef025635e21  2007.0/i586/libopenssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.i586.rpm\n 3a6657970a2e7661bd869d221a69c8da  2007.0/i586/openssl-0.9.8b-2.1mdv2007.0.i586.rpm \n aad29e57ddceb66105af5d6434de9a62  2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n af679c647d97214244a8423dc1a766b7  2007.0/x86_64/lib64openssl0.9.8-0.9.8b-2.1mdv2007.0.x86_64.rpm\n d7b1ed07df4115b3bcc3907e00d25a89  2007.0/x86_64/lib64openssl0.9.8-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 5bd3ece2c0ec7a3201c29fa84e25a75a  2007.0/x86_64/lib64openssl0.9.8-static-devel-0.9.8b-2.1mdv2007.0.x86_64.rpm\n 9b028020dba009eddbf06eeb8607b87f  2007.0/x86_64/openssl-0.9.8b-2.1mdv2007.0.x86_64.rpm \n aad29e57ddceb66105af5d6434de9a62  2007.0/SRPMS/openssl-0.9.8b-2.1mdv2007.0.src.rpm\n\n Corporate 3.0:\n c99ea58f6f4959a4c36398cc6b2b4ee2  corporate/3.0/i586/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 98a925c5ba2ecc9d704b1e730035755e  corporate/3.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 151493a50693e3b9cc67bfafadb9ce42  corporate/3.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.i586.rpm\n 82b4709bdbb9128746887013a724356a  corporate/3.0/i586/openssl-0.9.7c-3.6.C30mdk.i586.rpm \n a5bdbe6afa52005a734dc18aa951677d  corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 01a922d80d6fc9d1b36dde15ee27747e  corporate/3.0/x86_64/lib64openssl0.9.7-0.9.7c-3.6.C30mdk.x86_64.rpm\n 30268f0b70862d1f5998694ac8b4addc  corporate/3.0/x86_64/lib64openssl0.9.7-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n e0388ff1efa34ea55d033e95b4e9bb63  corporate/3.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7c-3.6.C30mdk.x86_64.rpm\n c99ea58f6f4959a4c36398cc6b2b4ee2  corporate/3.0/x86_64/libopenssl0.9.7-0.9.7c-3.6.C30mdk.i586.rpm\n 83759622f0cc8ea9c0f6d32671283354  corporate/3.0/x86_64/openssl-0.9.7c-3.6.C30mdk.x86_64.rpm \n a5bdbe6afa52005a734dc18aa951677d  corporate/3.0/SRPMS/openssl-0.9.7c-3.6.C30mdk.src.rpm\n\n Corporate 4.0:\n 6d71d2358738be9967b2dfe19d3642f1  corporate/4.0/i586/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf  corporate/4.0/i586/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787  corporate/4.0/i586/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n d8477333b67ec3a36ba46c50e6183993  corporate/4.0/i586/openssl-0.9.7g-2.4.20060mlcs4.i586.rpm \n b65dbbd9fb3d74d302478640476a2cd2  corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 746e5e916d1e05379373138a5db20923  corporate/4.0/x86_64/lib64openssl0.9.7-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n a2b1d750075a32fe8badbdf1f7febafe  corporate/4.0/x86_64/lib64openssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 47c464cf890a004f772c1db3e839fa12  corporate/4.0/x86_64/lib64openssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.x86_64.rpm\n 6d71d2358738be9967b2dfe19d3642f1  corporate/4.0/x86_64/libopenssl0.9.7-0.9.7g-2.4.20060mlcs4.i586.rpm\n 22890554d3096ce596eeec7393ee3fcf  corporate/4.0/x86_64/libopenssl0.9.7-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 679fe740859fa35b2bb77b19c4a0e787  corporate/4.0/x86_64/libopenssl0.9.7-static-devel-0.9.7g-2.4.20060mlcs4.i586.rpm\n 1030a6124a9fa4fd5a41bdff077301bf  corporate/4.0/x86_64/openssl-0.9.7g-2.4.20060mlcs4.x86_64.rpm \n b65dbbd9fb3d74d302478640476a2cd2  corporate/4.0/SRPMS/openssl-0.9.7g-2.4.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 19055eda58e1f75814e594ce7709a710  mnf/2.0/i586/libopenssl0.9.7-0.9.7c-3.6.M20mdk.i586.rpm\n abfe548617969f619aec5b0e807f1f67  mnf/2.0/i586/libopenssl0.9.7-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 92e7515c9125367a79fdb490f5b39cd4  mnf/2.0/i586/libopenssl0.9.7-static-devel-0.9.7c-3.6.M20mdk.i586.rpm\n 847eecb1d07e4cab3d1de1452103c3a0  mnf/2.0/i586/openssl-0.9.7c-3.6.M20mdk.i586.rpm \n b6b67fa82d7119cde7ab7816aed17059  mnf/2.0/SRPMS/openssl-0.9.7c-3.6.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFFHA4hmqjQ0CJFipgRApknAJ9Ybd8xjfkR+RL1fWEI2Fgn/KIuqACeOH/0\nwB09L3fylyiHgrXvSV6VL7A=\n=/+dm\n-----END PGP SIGNATURE-----\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2006-2940"
          },
          {
            "db": "CERT/CC",
            "id": "VU#423396"
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#221788"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20247"
          },
          {
            "db": "BID",
            "id": "22083"
          },
          {
            "db": "PACKETSTORM",
            "id": "169663"
          },
          {
            "db": "PACKETSTORM",
            "id": "53566"
          },
          {
            "db": "PACKETSTORM",
            "id": "64684"
          },
          {
            "db": "PACKETSTORM",
            "id": "56053"
          },
          {
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "db": "PACKETSTORM",
            "id": "50560"
          },
          {
            "db": "PACKETSTORM",
            "id": "51324"
          },
          {
            "db": "PACKETSTORM",
            "id": "50548"
          }
        ],
        "trust": 5.76
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "BID",
            "id": "22083",
            "trust": 4.5
          },
          {
            "db": "NVD",
            "id": "CVE-2006-2940",
            "trust": 3.8
          },
          {
            "db": "SECUNIA",
            "id": "23280",
            "trust": 3.4
          },
          {
            "db": "SECUNIA",
            "id": "23309",
            "trust": 3.4
          },
          {
            "db": "SECUNIA",
            "id": "23351",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22207",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22212",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22116",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22216",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22220",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22330",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22130",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22240",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22259",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22260",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22165",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22166",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22172",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22284",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22186",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22193",
            "trust": 1.8
          },
          {
            "db": "SECUNIA",
            "id": "22094",
            "trust": 1.8
          },
          {
            "db": "SECTRACK",
            "id": "1016943",
            "trust": 1.8
          },
          {
            "db": "BID",
            "id": "20247",
            "trust": 1.3
          },
          {
            "db": "CERT/CC",
            "id": "VU#221788",
            "trust": 1.1
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-1401",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-0343",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3902",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3869",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3860",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4401",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-2315",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4019",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4264",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4036",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4327",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4417",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-2396",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4329",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4750",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3820",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-4980",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2007-2783",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2006-3936",
            "trust": 1.0
          },
          {
            "db": "VUPEN",
            "id": "ADV-2008-0905",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "26329",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "24930",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "30124",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22799",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22298",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "31492",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "31531",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22500",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23038",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22460",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23915",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22385",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22671",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23155",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22487",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23680",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22626",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23794",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "26893",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22772",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "24950",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "25889",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22544",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "23340",
            "trust": 1.0
          },
          {
            "db": "SECUNIA",
            "id": "22758",
            "trust": 1.0
          },
          {
            "db": "BID",
            "id": "28276",
            "trust": 1.0
          },
          {
            "db": "SECTRACK",
            "id": "1017522",
            "trust": 1.0
          },
          {
            "db": "OSVDB",
            "id": "29261",
            "trust": 1.0
          },
          {
            "db": "USCERT",
            "id": "TA06-333A",
            "trust": 1.0
          },
          {
            "db": "CERT/CC",
            "id": "VU#423396",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "20246",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "21709",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "20249",
            "trust": 0.8
          },
          {
            "db": "XF",
            "id": "29237",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2022.0696",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-533",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "169663",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "53566",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "64684",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "56053",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "50535",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "50560",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "51324",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "50548",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#423396"
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#221788"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20247"
          },
          {
            "db": "BID",
            "id": "22083"
          },
          {
            "db": "PACKETSTORM",
            "id": "169663"
          },
          {
            "db": "PACKETSTORM",
            "id": "53566"
          },
          {
            "db": "PACKETSTORM",
            "id": "64684"
          },
          {
            "db": "PACKETSTORM",
            "id": "56053"
          },
          {
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "db": "PACKETSTORM",
            "id": "50560"
          },
          {
            "db": "PACKETSTORM",
            "id": "51324"
          },
          {
            "db": "PACKETSTORM",
            "id": "50548"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-533"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-2940"
          }
        ]
      },
      "id": "VAR-200609-1586",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.251886895
      },
      "last_update_date": "2026-04-10T22:44:19.599000Z",
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-399",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2006-2940"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 4.2,
            "url": "http://www.securityfocus.com/bid/22083"
          },
          {
            "trust": 3.6,
            "url": "http://www.openssl.org/news/secadv_20060928.txt"
          },
          {
            "trust": 2.6,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
          },
          {
            "trust": 2.4,
            "url": "http://secunia.com/advisories/23280/"
          },
          {
            "trust": 2.4,
            "url": "http://secunia.com/advisories/23309/"
          },
          {
            "trust": 1.4,
            "url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
          },
          {
            "trust": 1.3,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
          },
          {
            "trust": 1.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2006-260.htm"
          },
          {
            "trust": 1.3,
            "url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
          },
          {
            "trust": 1.1,
            "url": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aq_inv.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.red-database-security.com/advisory/oracle_cpu_jan_2007.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
          },
          {
            "trust": 1.1,
            "url": "http://issues.rpath.com/browse/rpl-613"
          },
          {
            "trust": 1.1,
            "url": "http://security.gentoo.org/glsa/glsa-200610-11.xml"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22385"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22172"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/26329"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22330"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22220"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22116"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22799"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22094"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3860"
          },
          {
            "trust": 1.0,
            "url": "https://issues.rpath.com/browse/rpl-1633"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2008/0905/references"
          },
          {
            "trust": 1.0,
            "url": "http://www.debian.org/security/2006/dsa-1185"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22193"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/bid/20247"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22216"
          },
          {
            "trust": 1.0,
            "url": "http://www.uniras.gov.uk/niscc/docs/re-20060928-00661.pdf?lang=en"
          },
          {
            "trust": 1.0,
            "url": "http://kolab.org/security/kolab-vendor-notice-11.txt"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/31531"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4401"
          },
          {
            "trust": 1.0,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.arkoon.fr/upload/alertes/37ak-2006-06-fr-1.1_fast360_openssl_asn1.pdf"
          },
          {
            "trust": 1.0,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:172"
          },
          {
            "trust": 1.0,
            "url": "http://securitytracker.com/id?1017522"
          },
          {
            "trust": 1.0,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10311"
          },
          {
            "trust": 1.0,
            "url": "http://www.redhat.com/support/errata/rhsa-2008-0629.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.676946"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4329"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22626"
          },
          {
            "trust": 1.0,
            "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22212"
          },
          {
            "trust": 1.0,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23309"
          },
          {
            "trust": 1.0,
            "url": "http://lists.apple.com/archives/security-announce/2006/nov/msg00001.html"
          },
          {
            "trust": 1.0,
            "url": "http://openvpn.net/changelog.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/2783"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22460"
          },
          {
            "trust": 1.0,
            "url": "http://www.vmware.com/security/advisories/vmsa-2008-0005.html"
          },
          {
            "trust": 1.0,
            "url": "http://marc.info/?l=bind-announce\u0026m=116253119512445\u0026w=2"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22487"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/bid/28276"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22240"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22772"
          },
          {
            "trust": 1.0,
            "url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00805100"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22671"
          },
          {
            "trust": 1.0,
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:178"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/24950"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4019"
          },
          {
            "trust": 1.0,
            "url": "http://www.debian.org/security/2006/dsa-1195"
          },
          {
            "trust": 1.0,
            "url": "http://www.arkoon.fr/upload/alertes/41ak-2006-08-fr-1.1_ssl360_openssl_asn1.pdf"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23915"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/25889"
          },
          {
            "trust": 1.0,
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-p.asc"
          },
          {
            "trust": 1.0,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29230"
          },
          {
            "trust": 1.0,
            "url": "http://www.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22298"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23155"
          },
          {
            "trust": 1.0,
            "url": "http://www.redhat.com/support/errata/rhsa-2006-0695.html"
          },
          {
            "trust": 1.0,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2006-220.htm"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4036"
          },
          {
            "trust": 1.0,
            "url": "http://www.serv-u.com/releasenotes/"
          },
          {
            "trust": 1.0,
            "url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-007.txt.asc"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22165"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23351"
          },
          {
            "trust": 1.0,
            "url": "http://securitytracker.com/id?1016943"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22259"
          },
          {
            "trust": 1.0,
            "url": "http://www.ubuntu.com/usn/usn-353-2"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23038"
          },
          {
            "trust": 1.0,
            "url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/2315"
          },
          {
            "trust": 1.0,
            "url": "http://support.attachmate.com/techdocs/2374.html"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3820"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4980"
          },
          {
            "trust": 1.0,
            "url": "http://sourceforge.net/project/shownotes.php?release_id=461863\u0026group_id=69227"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/1401"
          },
          {
            "trust": 1.0,
            "url": "http://docs.info.apple.com/article.html?artnum=304829"
          },
          {
            "trust": 1.0,
            "url": "http://www.trustix.org/errata/2006/0054"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23280"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22130"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22166"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2007/0343"
          },
          {
            "trust": 1.0,
            "url": "http://www.ubuntu.com/usn/usn-353-1"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23794"
          },
          {
            "trust": 1.0,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01118771"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2008/2396"
          },
          {
            "trust": 1.0,
            "url": "http://security.freebsd.org/advisories/freebsd-sa-06:23.openssl.asc"
          },
          {
            "trust": 1.0,
            "url": "http://www.openpkg.org/security/advisories/openpkg-sa-2006.021-openssl.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/31492"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3902"
          },
          {
            "trust": 1.0,
            "url": "http://www.cisco.com/en/us/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22260"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22284"
          },
          {
            "trust": 1.0,
            "url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22500"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3869"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22186"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/30124"
          },
          {
            "trust": 1.0,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22544"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23680"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4327"
          },
          {
            "trust": 1.0,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1"
          },
          {
            "trust": 1.0,
            "url": "http://itrc.hp.com/service/cki/docdisplay.do?docid=c00849540"
          },
          {
            "trust": 1.0,
            "url": "https://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00967144"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/3936"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4750"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22758"
          },
          {
            "trust": 1.0,
            "url": "http://openbsd.org/errata.html#openssl2"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4264"
          },
          {
            "trust": 1.0,
            "url": "http://www.us-cert.gov/cas/techalerts/ta06-333a.html"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/24930"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/26893"
          },
          {
            "trust": 1.0,
            "url": "http://www.osvdb.org/29261"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/23340"
          },
          {
            "trust": 1.0,
            "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
          },
          {
            "trust": 1.0,
            "url": "http://secunia.com/advisories/22207"
          },
          {
            "trust": 1.0,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:177"
          },
          {
            "trust": 1.0,
            "url": "http://www.vupen.com/english/advisories/2006/4417"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-2531"
          },
          {
            "trust": 0.8,
            "url": "http://www.hornik.sk/sa/sa-20040802.txt"
          },
          {
            "trust": 0.8,
            "url": "http://www.gnu.org/software/gnutls/"
          },
          {
            "trust": 0.8,
            "url": "http://www.securitytracker.com/alerts/2004/aug/1010838.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.niscc.gov.uk/niscc/docs/re-20060928-00661.pdf?lang=en"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/23351/"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/20246"
          },
          {
            "trust": 0.8,
            "url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
          },
          {
            "trust": 0.8,
            "url": "http://www.openssl.org/news/secadv_20060905.txt "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/21709/"
          },
          {
            "trust": 0.8,
            "url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
          },
          {
            "trust": 0.8,
            "url": "http://www.ietf.org/rfc/rfc3447.txt"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
          },
          {
            "trust": 0.8,
            "url": "https://issues.rpath.com/browse/rpl-613 "
          },
          {
            "trust": 0.8,
            "url": "http://www.openssl.org/news/secadv_20060928.txt "
          },
          {
            "trust": 0.8,
            "url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
          },
          {
            "trust": 0.8,
            "url": "http://openvpn.net/changelog.html "
          },
          {
            "trust": 0.8,
            "url": "http://www.serv-u.com/releasenotes/ "
          },
          {
            "trust": 0.8,
            "url": "http://openbsd.org/errata.html#openssl2 "
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/20249 "
          },
          {
            "trust": 0.8,
            "url": "http://securitytracker.com/id?1016943 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22130 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22094 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22165 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22186 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22193 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22207 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22259 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22260 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22166 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22172 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22212 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22240 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22216 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22116 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22220 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22284 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22330 "
          },
          {
            "trust": 0.8,
            "url": "http://xforce.iss.net/xforce/xfdb/29237 "
          },
          {
            "trust": 0.6,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2022.0696"
          },
          {
            "trust": 0.5,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
          },
          {
            "trust": 0.5,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-2940"
          },
          {
            "trust": 0.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-2937"
          },
          {
            "trust": 0.4,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
          },
          {
            "trust": 0.3,
            "url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
          },
          {
            "trust": 0.3,
            "url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
          },
          {
            "trust": 0.3,
            "url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c00967144"
          },
          {
            "trust": 0.3,
            "url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?admit=-682735245+1165342903618+28353475\u0026docid=c00805100"
          },
          {
            "trust": 0.3,
            "url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/home.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
          },
          {
            "trust": 0.3,
            "url": "http://www.ingate.com/relnote-452.php"
          },
          {
            "trust": 0.3,
            "url": "http://www.cyberguard.info/snapgear/releases.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.arkoon.fr/upload/alertes/45ak-2006-08-en-1.1_ssl360_openssl_asn1.pdf"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1\u0026searchclause="
          },
          {
            "trust": 0.3,
            "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603"
          },
          {
            "trust": 0.3,
            "url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
          },
          {
            "trust": 0.3,
            "url": "http://support.attachmate.com/techdocs/2374.html#security_updates_in_7.0_sp1"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1\u0026searchclause="
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
          },
          {
            "trust": 0.3,
            "url": "http://a1851.g.akamaitech.net/f/1851/2996/24h/cacheb.xerox.com/downloads/usa/en/c/cert_essnetwork_xrx07001_v1.pdf"
          },
          {
            "trust": 0.3,
            "url": "http://www.red-database-security.com/advisory/oracle_buffer_overflow_ons.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.red-database-security.com/advisory/oracle_xmldb_css2.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.integrigy.com/security-resources/analysis/oracle-cpu-january-2007/view"
          },
          {
            "trust": 0.3,
            "url": "http://www.integrigy.com/security-resources/analysis/cpu-january-2007-tech-matrix/view"
          },
          {
            "trust": 0.3,
            "url": "http://www.appsecinc.com/resources/alerts/oracle/2007-01.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://www.appsecinc.com/resources/alerts/oracle/2007-03.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://www.appsecinc.com/resources/alerts/oracle/2007-06.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://www.appsecinc.com/resources/alerts/oracle/2007-02.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://www.oracle.com/index.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.it-isac.org/postings/cyber/alertdetail.php?id=4092"
          },
          {
            "trust": 0.3,
            "url": "http://www.kb.cert.org/vuls/id/221788"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/457193"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/464470"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458657"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458036"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458006"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458037"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458005"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458041"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458038"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/458475"
          },
          {
            "trust": 0.3,
            "url": "http://docs.info.apple.com/article.html?artnum=307177"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4343"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-3738"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4339"
          },
          {
            "trust": 0.2,
            "url": "https://www.niscc.gov.uk)."
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.2,
            "url": "http://www.vmware.com/security"
          },
          {
            "trust": 0.2,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          },
          {
            "trust": 0.2,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4339"
          },
          {
            "trust": 0.1,
            "url": "https://www.openssl.org/source/"
          },
          {
            "trust": 0.1,
            "url": "https://www.openssl.org/source/mirror.html):"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/9986131"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/vmtn/technology/security/security_response.html"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3589"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-3589"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4980"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2006-4980"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/3069097"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5618"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1340"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1361"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/download/ace/"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/download/player/"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1362"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/download/ws/ws5.html"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5269"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1363"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/download/fusion/"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5618"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0923"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/download/ws/"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/support/policies/security_response.html"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1364"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/support/policies/eos.html"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/download/server/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-0923"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
          },
          {
            "trust": 0.1,
            "url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/support/policies/eos_vi.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-0494"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2007-0493"
          },
          {
            "trust": 0.1,
            "url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001167-v51bb27-es-20070321"
          },
          {
            "trust": 0.1,
            "url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
          },
          {
            "trust": 0.1,
            "url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001163-v51bb26-es-20070315"
          },
          {
            "trust": 0.1,
            "url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
          },
          {
            "trust": 0.1,
            "url": "http://h30097.www3.hp.com/cma/patches.html"
          },
          {
            "trust": 0.1,
            "url": "http://h30046.www3.hp.com/subsignin.php"
          },
          {
            "trust": 0.1,
            "url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=duxkit1001165-v40fb22-es-20070316"
          },
          {
            "trust": 0.1,
            "url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001166-v40gb22-es-20070316"
          },
          {
            "trust": 0.1,
            "url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001160-v51ab24-es-20070314"
          },
          {
            "trust": 0.1,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2940"
          },
          {
            "trust": 0.1,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3738"
          },
          {
            "trust": 0.1,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2937"
          },
          {
            "trust": 0.1,
            "url": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4343"
          },
          {
            "trust": 0.1,
            "url": "http://pgp.openpkg.org"
          },
          {
            "trust": 0.1,
            "url": "http://www.openssl.org/"
          },
          {
            "trust": 0.1,
            "url": "http://www.openpkg.org"
          },
          {
            "trust": 0.1,
            "url": "http://www.openpkg.org/security/"
          },
          {
            "trust": 0.1,
            "url": "http://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/advisories"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#423396"
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#221788"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "20247"
          },
          {
            "db": "BID",
            "id": "22083"
          },
          {
            "db": "PACKETSTORM",
            "id": "169663"
          },
          {
            "db": "PACKETSTORM",
            "id": "53566"
          },
          {
            "db": "PACKETSTORM",
            "id": "64684"
          },
          {
            "db": "PACKETSTORM",
            "id": "56053"
          },
          {
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "db": "PACKETSTORM",
            "id": "50560"
          },
          {
            "db": "PACKETSTORM",
            "id": "51324"
          },
          {
            "db": "PACKETSTORM",
            "id": "50548"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-533"
          },
          {
            "db": "NVD",
            "id": "CVE-2006-2940"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#423396",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#221788",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300",
            "ident": null
          },
          {
            "db": "BID",
            "id": "20247",
            "ident": null
          },
          {
            "db": "BID",
            "id": "22083",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "169663",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "53566",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "64684",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "56053",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "50535",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "50560",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "51324",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "50548",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-533",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2006-2940",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2006-09-28T00:00:00",
            "db": "CERT/CC",
            "id": "VU#423396",
            "ident": null
          },
          {
            "date": "2006-09-28T00:00:00",
            "db": "CERT/CC",
            "id": "VU#386964",
            "ident": null
          },
          {
            "date": "2007-01-17T00:00:00",
            "db": "CERT/CC",
            "id": "VU#221788",
            "ident": null
          },
          {
            "date": "2006-09-11T00:00:00",
            "db": "CERT/CC",
            "id": "VU#845620",
            "ident": null
          },
          {
            "date": "2006-09-28T00:00:00",
            "db": "CERT/CC",
            "id": "VU#547300",
            "ident": null
          },
          {
            "date": "2006-09-28T00:00:00",
            "db": "BID",
            "id": "20247",
            "ident": null
          },
          {
            "date": "2007-01-16T00:00:00",
            "db": "BID",
            "id": "22083",
            "ident": null
          },
          {
            "date": "2006-09-28T12:12:12",
            "db": "PACKETSTORM",
            "id": "169663",
            "ident": null
          },
          {
            "date": "2007-01-13T22:56:30",
            "db": "PACKETSTORM",
            "id": "53566",
            "ident": null
          },
          {
            "date": "2008-03-19T02:18:56",
            "db": "PACKETSTORM",
            "id": "64684",
            "ident": null
          },
          {
            "date": "2007-04-19T00:58:08",
            "db": "PACKETSTORM",
            "id": "56053",
            "ident": null
          },
          {
            "date": "2006-10-04T00:44:50",
            "db": "PACKETSTORM",
            "id": "50535",
            "ident": null
          },
          {
            "date": "2006-10-04T01:20:54",
            "db": "PACKETSTORM",
            "id": "50560",
            "ident": null
          },
          {
            "date": "2006-10-25T21:37:36",
            "db": "PACKETSTORM",
            "id": "51324",
            "ident": null
          },
          {
            "date": "2006-10-04T00:46:38",
            "db": "PACKETSTORM",
            "id": "50548",
            "ident": null
          },
          {
            "date": "2001-10-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200609-533",
            "ident": null
          },
          {
            "date": "2006-09-28T18:07:00",
            "db": "NVD",
            "id": "CVE-2006-2940",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2007-02-09T00:00:00",
            "db": "CERT/CC",
            "id": "VU#423396",
            "ident": null
          },
          {
            "date": "2011-07-22T00:00:00",
            "db": "CERT/CC",
            "id": "VU#386964",
            "ident": null
          },
          {
            "date": "2007-01-17T00:00:00",
            "db": "CERT/CC",
            "id": "VU#221788",
            "ident": null
          },
          {
            "date": "2007-02-08T00:00:00",
            "db": "CERT/CC",
            "id": "VU#845620",
            "ident": null
          },
          {
            "date": "2011-07-22T00:00:00",
            "db": "CERT/CC",
            "id": "VU#547300",
            "ident": null
          },
          {
            "date": "2011-05-09T19:53:00",
            "db": "BID",
            "id": "20247",
            "ident": null
          },
          {
            "date": "2008-05-20T23:05:00",
            "db": "BID",
            "id": "22083",
            "ident": null
          },
          {
            "date": "2022-02-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200609-533",
            "ident": null
          },
          {
            "date": "2025-04-09T00:30:58.490000",
            "db": "NVD",
            "id": "CVE-2006-2940",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "56053"
          },
          {
            "db": "PACKETSTORM",
            "id": "50535"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-533"
          }
        ],
        "trust": 0.8
      },
      "title": {
        "_id": null,
        "data": "X.509 certificate verification may be vulnerable to resource exhaustion",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#423396"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "resource management error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200609-533"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201107-0125

    Vulnerability from variot - Updated: 2026-04-10 22:42

    The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests. cURL/libcURL is prone to a vulnerability that may allow attackers to spoof clients' security credentials. This issue affects cURL/libcURL versions 7.10.6 through 7.21.6. This is obviously a very sensitive operation, which should only be done when the user explicitly so directs.

    For the oldstable distribution (lenny), this problem has been fixed in version 7.18.2-8lenny5.

    For the stable distribution (squeeze), this problem has been fixed in version 7.21.0-2.

    For the testing distribution (wheezy), this problem has been fixed in version 7.21.6-2.

    For the unstable distribution (sid), this problem has been fixed in version 7.21.6-2. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . Summary:

    Updated curl packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6.

    The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Relevant releases/architectures:

    RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

    1. Description:

    cURL provides the libcurl library and a command line tool for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. (CVE-2011-2192)

    Users of curl should upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications using libcurl must be restarted for the update to take effect. Solution:

    Before applying this update, make sure all previously-released errata relevant to your system have been applied.

    This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259

    1. Bugs fixed (http://bugzilla.redhat.com/):

    711454 - CVE-2011-2192 curl: Improper delegation of client credentials during GSS negotiation

    1. Package List:

    Red Hat Enterprise Linux AS version 4:

    Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/curl-7.12.1-17.el4.src.rpm

    i386: curl-7.12.1-17.el4.i386.rpm curl-debuginfo-7.12.1-17.el4.i386.rpm curl-devel-7.12.1-17.el4.i386.rpm

    ia64: curl-7.12.1-17.el4.i386.rpm curl-7.12.1-17.el4.ia64.rpm curl-debuginfo-7.12.1-17.el4.i386.rpm curl-debuginfo-7.12.1-17.el4.ia64.rpm curl-devel-7.12.1-17.el4.ia64.rpm

    ppc: curl-7.12.1-17.el4.ppc.rpm curl-7.12.1-17.el4.ppc64.rpm curl-debuginfo-7.12.1-17.el4.ppc.rpm curl-debuginfo-7.12.1-17.el4.ppc64.rpm curl-devel-7.12.1-17.el4.ppc.rpm

    s390: curl-7.12.1-17.el4.s390.rpm curl-debuginfo-7.12.1-17.el4.s390.rpm curl-devel-7.12.1-17.el4.s390.rpm

    s390x: curl-7.12.1-17.el4.s390.rpm curl-7.12.1-17.el4.s390x.rpm curl-debuginfo-7.12.1-17.el4.s390.rpm curl-debuginfo-7.12.1-17.el4.s390x.rpm curl-devel-7.12.1-17.el4.s390x.rpm

    x86_64: curl-7.12.1-17.el4.i386.rpm curl-7.12.1-17.el4.x86_64.rpm curl-debuginfo-7.12.1-17.el4.i386.rpm curl-debuginfo-7.12.1-17.el4.x86_64.rpm curl-devel-7.12.1-17.el4.x86_64.rpm

    Red Hat Enterprise Linux Desktop version 4:

    Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/curl-7.12.1-17.el4.src.rpm

    i386: curl-7.12.1-17.el4.i386.rpm curl-debuginfo-7.12.1-17.el4.i386.rpm curl-devel-7.12.1-17.el4.i386.rpm

    x86_64: curl-7.12.1-17.el4.i386.rpm curl-7.12.1-17.el4.x86_64.rpm curl-debuginfo-7.12.1-17.el4.i386.rpm curl-debuginfo-7.12.1-17.el4.x86_64.rpm curl-devel-7.12.1-17.el4.x86_64.rpm

    Red Hat Enterprise Linux ES version 4:

    Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/curl-7.12.1-17.el4.src.rpm

    i386: curl-7.12.1-17.el4.i386.rpm curl-debuginfo-7.12.1-17.el4.i386.rpm curl-devel-7.12.1-17.el4.i386.rpm

    ia64: curl-7.12.1-17.el4.i386.rpm curl-7.12.1-17.el4.ia64.rpm curl-debuginfo-7.12.1-17.el4.i386.rpm curl-debuginfo-7.12.1-17.el4.ia64.rpm curl-devel-7.12.1-17.el4.ia64.rpm

    x86_64: curl-7.12.1-17.el4.i386.rpm curl-7.12.1-17.el4.x86_64.rpm curl-debuginfo-7.12.1-17.el4.i386.rpm curl-debuginfo-7.12.1-17.el4.x86_64.rpm curl-devel-7.12.1-17.el4.x86_64.rpm

    Red Hat Enterprise Linux WS version 4:

    Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/curl-7.12.1-17.el4.src.rpm

    i386: curl-7.12.1-17.el4.i386.rpm curl-debuginfo-7.12.1-17.el4.i386.rpm curl-devel-7.12.1-17.el4.i386.rpm

    ia64: curl-7.12.1-17.el4.i386.rpm curl-7.12.1-17.el4.ia64.rpm curl-debuginfo-7.12.1-17.el4.i386.rpm curl-debuginfo-7.12.1-17.el4.ia64.rpm curl-devel-7.12.1-17.el4.ia64.rpm

    x86_64: curl-7.12.1-17.el4.i386.rpm curl-7.12.1-17.el4.x86_64.rpm curl-debuginfo-7.12.1-17.el4.i386.rpm curl-debuginfo-7.12.1-17.el4.x86_64.rpm curl-devel-7.12.1-17.el4.x86_64.rpm

    Red Hat Enterprise Linux Desktop (v. 5 client):

    Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/curl-7.15.5-9.el5_6.3.src.rpm

    i386: curl-7.15.5-9.el5_6.3.i386.rpm curl-debuginfo-7.15.5-9.el5_6.3.i386.rpm

    x86_64: curl-7.15.5-9.el5_6.3.i386.rpm curl-7.15.5-9.el5_6.3.x86_64.rpm curl-debuginfo-7.15.5-9.el5_6.3.i386.rpm curl-debuginfo-7.15.5-9.el5_6.3.x86_64.rpm

    RHEL Desktop Workstation (v. 5 client):

    Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/curl-7.15.5-9.el5_6.3.src.rpm

    i386: curl-debuginfo-7.15.5-9.el5_6.3.i386.rpm curl-devel-7.15.5-9.el5_6.3.i386.rpm

    x86_64: curl-debuginfo-7.15.5-9.el5_6.3.i386.rpm curl-debuginfo-7.15.5-9.el5_6.3.x86_64.rpm curl-devel-7.15.5-9.el5_6.3.i386.rpm curl-devel-7.15.5-9.el5_6.3.x86_64.rpm

    Red Hat Enterprise Linux (v. 5 server):

    Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/curl-7.15.5-9.el5_6.3.src.rpm

    i386: curl-7.15.5-9.el5_6.3.i386.rpm curl-debuginfo-7.15.5-9.el5_6.3.i386.rpm curl-devel-7.15.5-9.el5_6.3.i386.rpm

    ia64: curl-7.15.5-9.el5_6.3.ia64.rpm curl-debuginfo-7.15.5-9.el5_6.3.ia64.rpm curl-devel-7.15.5-9.el5_6.3.ia64.rpm

    ppc: curl-7.15.5-9.el5_6.3.ppc.rpm curl-7.15.5-9.el5_6.3.ppc64.rpm curl-debuginfo-7.15.5-9.el5_6.3.ppc.rpm curl-debuginfo-7.15.5-9.el5_6.3.ppc64.rpm curl-devel-7.15.5-9.el5_6.3.ppc.rpm curl-devel-7.15.5-9.el5_6.3.ppc64.rpm

    s390x: curl-7.15.5-9.el5_6.3.s390.rpm curl-7.15.5-9.el5_6.3.s390x.rpm curl-debuginfo-7.15.5-9.el5_6.3.s390.rpm curl-debuginfo-7.15.5-9.el5_6.3.s390x.rpm curl-devel-7.15.5-9.el5_6.3.s390.rpm curl-devel-7.15.5-9.el5_6.3.s390x.rpm

    x86_64: curl-7.15.5-9.el5_6.3.i386.rpm curl-7.15.5-9.el5_6.3.x86_64.rpm curl-debuginfo-7.15.5-9.el5_6.3.i386.rpm curl-debuginfo-7.15.5-9.el5_6.3.x86_64.rpm curl-devel-7.15.5-9.el5_6.3.i386.rpm curl-devel-7.15.5-9.el5_6.3.x86_64.rpm

    Red Hat Enterprise Linux Desktop (v. 6):

    Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/curl-7.19.7-26.el6_1.1.src.rpm

    i386: curl-7.19.7-26.el6_1.1.i686.rpm curl-debuginfo-7.19.7-26.el6_1.1.i686.rpm libcurl-7.19.7-26.el6_1.1.i686.rpm

    x86_64: curl-7.19.7-26.el6_1.1.x86_64.rpm curl-debuginfo-7.19.7-26.el6_1.1.i686.rpm curl-debuginfo-7.19.7-26.el6_1.1.x86_64.rpm libcurl-7.19.7-26.el6_1.1.i686.rpm libcurl-7.19.7-26.el6_1.1.x86_64.rpm

    Red Hat Enterprise Linux Desktop Optional (v. 6):

    Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/curl-7.19.7-26.el6_1.1.src.rpm

    i386: curl-debuginfo-7.19.7-26.el6_1.1.i686.rpm libcurl-devel-7.19.7-26.el6_1.1.i686.rpm

    x86_64: curl-debuginfo-7.19.7-26.el6_1.1.i686.rpm curl-debuginfo-7.19.7-26.el6_1.1.x86_64.rpm libcurl-devel-7.19.7-26.el6_1.1.i686.rpm libcurl-devel-7.19.7-26.el6_1.1.x86_64.rpm

    Red Hat Enterprise Linux HPC Node (v. 6):

    Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/curl-7.19.7-26.el6_1.1.src.rpm

    x86_64: curl-7.19.7-26.el6_1.1.x86_64.rpm curl-debuginfo-7.19.7-26.el6_1.1.i686.rpm curl-debuginfo-7.19.7-26.el6_1.1.x86_64.rpm libcurl-7.19.7-26.el6_1.1.i686.rpm libcurl-7.19.7-26.el6_1.1.x86_64.rpm

    Red Hat Enterprise Linux HPC Node Optional (v. 6):

    Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/curl-7.19.7-26.el6_1.1.src.rpm

    x86_64: curl-debuginfo-7.19.7-26.el6_1.1.i686.rpm curl-debuginfo-7.19.7-26.el6_1.1.x86_64.rpm libcurl-devel-7.19.7-26.el6_1.1.i686.rpm libcurl-devel-7.19.7-26.el6_1.1.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 6):

    Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/curl-7.19.7-26.el6_1.1.src.rpm

    i386: curl-7.19.7-26.el6_1.1.i686.rpm curl-debuginfo-7.19.7-26.el6_1.1.i686.rpm libcurl-7.19.7-26.el6_1.1.i686.rpm libcurl-devel-7.19.7-26.el6_1.1.i686.rpm

    ppc64: curl-7.19.7-26.el6_1.1.ppc64.rpm curl-debuginfo-7.19.7-26.el6_1.1.ppc.rpm curl-debuginfo-7.19.7-26.el6_1.1.ppc64.rpm libcurl-7.19.7-26.el6_1.1.ppc.rpm libcurl-7.19.7-26.el6_1.1.ppc64.rpm libcurl-devel-7.19.7-26.el6_1.1.ppc.rpm libcurl-devel-7.19.7-26.el6_1.1.ppc64.rpm

    s390x: curl-7.19.7-26.el6_1.1.s390x.rpm curl-debuginfo-7.19.7-26.el6_1.1.s390.rpm curl-debuginfo-7.19.7-26.el6_1.1.s390x.rpm libcurl-7.19.7-26.el6_1.1.s390.rpm libcurl-7.19.7-26.el6_1.1.s390x.rpm libcurl-devel-7.19.7-26.el6_1.1.s390.rpm libcurl-devel-7.19.7-26.el6_1.1.s390x.rpm

    x86_64: curl-7.19.7-26.el6_1.1.x86_64.rpm curl-debuginfo-7.19.7-26.el6_1.1.i686.rpm curl-debuginfo-7.19.7-26.el6_1.1.x86_64.rpm libcurl-7.19.7-26.el6_1.1.i686.rpm libcurl-7.19.7-26.el6_1.1.x86_64.rpm libcurl-devel-7.19.7-26.el6_1.1.i686.rpm libcurl-devel-7.19.7-26.el6_1.1.x86_64.rpm

    Red Hat Enterprise Linux Workstation (v. 6):

    Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/curl-7.19.7-26.el6_1.1.src.rpm

    i386: curl-7.19.7-26.el6_1.1.i686.rpm curl-debuginfo-7.19.7-26.el6_1.1.i686.rpm libcurl-7.19.7-26.el6_1.1.i686.rpm libcurl-devel-7.19.7-26.el6_1.1.i686.rpm

    x86_64: curl-7.19.7-26.el6_1.1.x86_64.rpm curl-debuginfo-7.19.7-26.el6_1.1.i686.rpm curl-debuginfo-7.19.7-26.el6_1.1.x86_64.rpm libcurl-7.19.7-26.el6_1.1.i686.rpm libcurl-7.19.7-26.el6_1.1.x86_64.rpm libcurl-devel-7.19.7-26.el6_1.1.i686.rpm libcurl-devel-7.19.7-26.el6_1.1.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

    1. References:

    https://www.redhat.com/security/data/cve/CVE-2011-2192.html https://access.redhat.com/security/updates/classification/#moderate http://curl.haxx.se/docs/adv_20110623.html

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    APPLE-SA-2012-02-01-1 OS X Lion v10.7.3 and Security Update 2012-001

    OS X Lion v10.7.3 and Security Update 2012-001 is now available and addresses the following:

    Address Book Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: An attacker in a privileged network position may intercept CardDAV data Description: Address Book supports Secure Sockets Layer (SSL) for accessing CardDAV. A downgrade issue caused Address Book to attempt an unencrypted connection if an encrypted connection failed. An attacker in a privileged network position could abuse this behavior to intercept CardDAV data. This issue is addressed by not downgrading to an unencrypted connection without user approval. CVE-ID CVE-2011-3444 : Bernard Desruisseaux of Oracle Corporation

    Apache Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Multiple vulnerabilities in Apache Description: Apache is updated to version 2.2.21 to address several vulnerabilities, the most serious of which may lead to a denial of service. Further information is available via the Apache web site at http://httpd.apache.org/ CVE-ID CVE-2011-3348

    Apache Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: An attacker may be able to decrypt data protected by SSL Description: There are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. Apache disabled the 'empty fragment' countermeasure which prevented these attacks. This issue is addressed by providing a configuration parameter to control the countermeasure and enabling it by default. CVE-ID CVE-2011-3389

    CFNetwork Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information Description: An issue existed in CFNetwork's handling of malformed URLs. When accessing a maliciously crafted URL, CFNetwork could send the request to an incorrect origin server. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3246 : Erling Ellingsen of Facebook

    CFNetwork Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information Description: An issue existed in CFNetwork's handling of malformed URLs. When accessing a maliciously crafted URL, CFNetwork could send unexpected request headers. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3447 : Erling Ellingsen of Facebook

    ColorSync Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Viewing a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of images with an embedded ColorSync profile, which may lead to a heap buffer overflow. This issue does not affect OS X Lion systems. CVE-ID CVE-2011-0200 : binaryproof working with TippingPoint's Zero Day Initiative

    CoreAudio Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Playing maliciously crafted audio content may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of AAC encoded audio streams. This issue does not affect OS X Lion systems. CVE-ID CVE-2011-3252 : Luigi Auriemma working with TippingPoint's Zero Day Initiative

    CoreMedia Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in CoreMedia's handling of H.264 encoded movie files. CVE-ID CVE-2011-3448 : Scott Stender of iSEC Partners

    CoreText Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing or downloading a document containing a maliciously crafted embedded font may lead to an unexpected application termination or arbitrary code execution Description: A use after free issue existed in the handling of font files. CVE-ID CVE-2011-3449 : Will Dormann of the CERT/CC

    CoreUI Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Visiting a malicious website may lead to an unexpected application termination or arbitrary code execution Description: An unbounded stack allocation issue existed in the handling of long URLs. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3450 : Ben Syverson

    curl Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: A remote server may be able to impersonate clients via GSSAPI requests Description: When doing GSSAPI authentication, libcurl unconditionally performs credential delegation. This issue is addressed by disabling GSSAPI credential delegation. CVE-ID CVE-2011-2192

    Data Security Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information Description: Two certificate authorities in the list of trusted root certificates have independently issued intermediate certificates to DigiCert Malaysia. DigiCert Malaysia has issued certificates with weak keys that it is unable to revoke. An attacker with a privileged network position could intercept user credentials or other sensitive information intended for a site with a certificate issued by DigiCert Malaysia. This issue is addressed by configuring default system trust settings so that DigiCert Malaysia's certificates are not trusted. We would like to acknowledge Bruce Morton of Entrust, Inc.

    dovecot Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: An attacker may be able to decrypt data protected by SSL Description: There are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. Dovecot disabled the 'empty fragment' countermeasure which prevented these attacks. This issue is addressed by enabling the countermeasure. CVE-ID CVE-2011-3389 : Apple

    filecmds Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Decompressing a maliciously crafted compressed file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the 'uncompress' command line tool. CVE-ID CVE-2011-2895

    ImageIO Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Viewing a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in ImageIO's handling of CCITT Group 4 encoded TIFF files. This issue does not affect OS X Lion systems. CVE-ID CVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies

    ImageIO Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in libtiff's handling of ThunderScan encoded TIFF images. This issue is address by updating libtiff to version 3.9.5. CVE-ID CVE-2011-1167

    ImageIO Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Multiple vulnerabilities in libpng 1.5.4 Description: libpng is updated to version 1.5.5 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the libpng website at http://www.libpng.org/pub/png/libpng.html CVE-ID CVE-2011-3328

    Internet Sharing Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: A Wi-Fi network created by Internet Sharing may lose security settings after a system update Description: After updating to a version of OS X Lion prior to 10.7.3, the Wi-Fi configuration used by Internet Sharing may revert to factory defaults, which disables the WEP password. This issue only affects systems with Internet Sharing enabled and sharing the connection to Wi-Fi. This issue is addressed by preserving the Wi-Fi configuration during a system update. CVE-ID CVE-2011-3452 : an anonymous researcher

    Libinfo Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information Description: An issue existed in Libinfo's handling of hostname lookup requests. Libinfo could return incorrect results for a maliciously crafted hostname. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3441 : Erling Ellingsen of Facebook

    libresolv Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Applications that use OS X's libresolv library may be vulnerable to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the parsing of DNS resource records, which may lead to heap memory corruption. CVE-ID CVE-2011-3453 : Ilja van Sprundel of IOActive

    libsecurity Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Some EV certificates may be trusted even if the corresponding root has been marked as untrusted Description: The certificate code trusted a root certificate to sign EV certificates if it was on the list of known EV issuers, even if the user had marked it as 'Never Trust' in Keychain. The root would not be trusted to sign non-EV certificates. CVE-ID CVE-2011-3422 : Alastair Houghton

    OpenGL Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Applications that use OS X's OpenGL implementation may be vulnerable to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the handling of GLSL compilation. CVE-ID CVE-2011-3457 : Chris Evans of the Google Chrome Security Team, and Marc Schoenefeld of the Red Hat Security Response Team

    PHP Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Multiple vulnerabilities in PHP 5.3.6 Description: PHP is updated to version 5.3.8 to address several vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP web site at http://www.php.net CVE-ID CVE-2011-1148 CVE-2011-1657 CVE-2011-1938 CVE-2011-2202 CVE-2011-2483 CVE-2011-3182 CVE-2011-3189 CVE-2011-3267 CVE-2011-3268

    PHP Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in FreeType's handling of Type 1 fonts. Further information is available via the FreeType site at http://www.freetype.org/ CVE-ID CVE-2011-3256 : Apple

    PHP Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Multiple vulnerabilities in libpng 1.5.4 Description: libpng is updated to version 1.5.5 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the libpng website at http://www.libpng.org/pub/png/libpng.html CVE-ID CVE-2011-3328

    QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Opening a maliciously crafted MP4 encoded file may lead to an unexpected application termination or arbitrary code execution Description: An uninitialized memory access issue existed in the handling of MP4 encoded files. CVE-ID CVE-2011-3458 : Luigi Auriemma and pa_kt both working with TippingPoint's Zero Day Initiative

    QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A signedness issue existed in the handling of font tables embedded in QuickTime movie files. CVE-ID CVE-2011-3248 : Luigi Auriemma working with TippingPoint's Zero Day Initiative

    QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: An off by one buffer overflow existed in the handling of rdrf atoms in QuickTime movie files. CVE-ID CVE-2011-3459 : Luigi Auriemma working with TippingPoint's Zero Day Initiative

    QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted JPEG2000 image file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of JPEG2000 files. CVE-ID CVE-2011-3250 : Luigi Auriemma working with TippingPoint's Zero Day Initiative

    QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Processing a maliciously crafted PNG image may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of PNG files. CVE-ID CVE-2011-3460 : Luigi Auriemma working with TippingPoint's Zero Day Initiative

    QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of FLC encoded movie files CVE-ID CVE-2011-3249 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero Day Initiative

    SquirrelMail Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Multiple vulnerabilities in SquirrelMail Description: SquirrelMail is updated to version 1.4.22 to address several vulnerabilities, the most serious of which is a cross-site scripting issue. This issue does not affect OS X Lion systems. Further information is available via the SquirrelMail web site at http://www.SquirrelMail.org/ CVE-ID CVE-2010-1637 CVE-2010-2813 CVE-2010-4554 CVE-2010-4555 CVE-2011-2023

    Subversion Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Accessing a Subversion repository may lead to the disclosure of sensitive information Description: Subversion is updated to version 1.6.17 to address multiple vulnerabilities, the most serious of which may lead to the disclosure of sensitive information. Further information is available via the Subversion web site at http://subversion.tigris.org/ CVE-ID CVE-2011-1752 CVE-2011-1783 CVE-2011-1921

    Time Machine Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: A remote attacker may access new backups created by the user's system Description: The user may designate a remote AFP volume or Time Capsule to be used for Time Machine backups. Time Machine did not verify that the same device was being used for subsequent backup operations. An attacker who is able to spoof the remote volume could gain access to new backups created by the user's system. This issue is addressed by verifying the unique identifier associated with a disk for backup operations. CVE-ID CVE-2011-3462 : Michael Roitzsch of the Technische Universitat Dresden

    Tomcat Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Multiple vulnerabilities in Tomcat 6.0.32 Description: Tomcat is updated to version 6.0.33 to address multiple vulnerabilities, the most serious of which may lead to the disclosure of sensitive information. Tomcat is only provided on Mac OS X Server systems. This issue does not affect OS X Lion systems. Further information is available via the Tomcat site at http://tomcat.apache.org/ CVE-ID CVE-2011-2204

    WebDAV Sharing Available for: OS X Lion Server v10.7 to v10.7.2 Impact: Local users may obtain system privileges Description: An issue existed in WebDAV Sharing's handling of user authentication. A user with a valid account on the server or one of its bound directories could cause the execution of arbitrary code with system privileges. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3463 : Gordon Davisson of Crywolf

    Webmail Available for: OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted e-mail message may lead to the disclosure of message content Description: A cross-site scripting vulnerability existed in the handling of mail messages. This issue is addressed by updating Roundcube Webmail to version 0.6. This issue does not affect systems prior to OS X Lion. Further information is available via the Roundcube site at http://trac.roundcube.net/ CVE-ID CVE-2011-2937

    X11 Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2 Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in FreeType's handling of Type 1 fonts. Further information is available via the FreeType site at http://www.freetype.org/ CVE-ID CVE-2011-3256 : Apple

    OS X Lion v10.7.3 and Security Update 2012-001 may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/

    The Software Update utility will present the update that applies to your system configuration. Only one is needed, either Security Update 2021-001 or OS X v10.7.3.

    For OS X Lion v10.7.2 The download file is named: MacOSXUpd10.7.3.dmg Its SHA-1 digest is: 7102fe8f9f47286c45dfa35f6e84e7f730493a7c

    For OS X Lion v10.7 and v10.7.1 The download file is named: MacOSXUpdCombo10.7.3.dmg Its SHA-1 digest is: 07dfce300f6801eb63d9ac13e0bec84e1862a16c

    For OS X Lion Server v10.7.2 The download file is named: MacOSXServerUpd10.7.3.dmg Its SHA-1 digest is: 55a9571635d4ec088c142d68132d0d69fcb8867d

    For OS X Lion Server v10.7 and v10.7.1 The download file is named: MacOSXServerUpdCombo10.7.3.dmg Its SHA-1 digest is: 2c87824f09734499ea166ea0617a3ac21ecf832b

    For Mac OS X v10.6.8 The download file is named: SecUpd2012-001Snow.dmg Its SHA-1 digest is: 40875ee8cb609bbaefc8f421a9c34cc353db42b8

    For Mac OS X Server v10.6.8 The download file is named: SecUpdSrvr2012-001.dmg Its SHA-1 digest is: 53b3ca5548001a9920aeabed4a034c6e4657fe20

    Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222

    This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

    -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin)

    iQEcBAEBAgAGBQJPKYxNAAoJEGnF2JsdZQeeLiIIAMLhH2ipDFrhCsw/n4VDeF1V P6jSkGXC9tBBVMvw1Xq4c2ok4SI34bDfMlURAVR+dde/h6nIZR24aLQVoDLjJuIp RrO2dm1nQeozLJSx2NbxhVh54BucJdKp4xS1GkDNxkqcdh04RE9hRURXdKagnfGy 9P8QQPOQmKAiWos/LYhCPDInMfrpVNvEVwP8MCDP15g6hylN4De/Oyt7ZshPshSf MnAFObfBTGX5KioVqTyfdlBkKUfdXHJux61QEFHn8eadX6+/6IuKbUvK9B0icc8E pvbjOxQatFRps0KNWeIsKQc5i6iQoJhocAiIy6Y6LCuZQuSXCImY2RWXkVYzbWo= =c1eU -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    SUPPORT COMMUNICATION - SECURITY BULLETIN

    Document ID: c03280632 Version: 1

    HPSBMU02764 SSRT100827 rev.1 - HP System Management Homepage (SMH) Running on Linux and Windows, Remote Cross Site Request Forgery (CSRF), Denial of Service (DoS), Execution of Arbitrary Code, Other Vulnerabilities

    NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

    Release Date: 2012-04-16 Last Updated: 2012-04-16

    Potential Security Impact: Remote cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, other vulnerabilities

    Source: Hewlett-Packard Company, HP Software Security Response Team

    VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely and locally resulting in cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, and other vulnerabilities. HP System Management Homepage (SMH) before v7.0 running on Linux and Windows.

    BACKGROUND

    CVSS 2.0 Base Metrics

    Reference Base Vector Base Score CVE-2009-0037 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2010-0734 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2010-1452 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-1623 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-2068 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2010-2791 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2010-3436 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2010-4409 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-4645 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-0014 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-0195 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2011-0419 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1148 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2011-1153 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2011-1464 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1467 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-1468 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1471 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1928 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1938 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2011-1945 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6 CVE-2011-2192 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2011-2202 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4 CVE-2011-2483 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2011-3182 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-3189 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2011-3192 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2011-3267 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-3268 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2011-3207 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2011-3210 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-3348 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-3368 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2011-3639 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2011-3846 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2011-4317 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2012-0135 (AV:N/AC:M/Au:S/C:N/I:N/A:P) 3.5 CVE-2012-1993 (AV:L/AC:L/Au:S/C:P/I:P/A:N) 3.2 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002

    The Hewlett-Packard Company thanks Sow Ching Shiong coordinating with Secunia for reporting CVE-2011-3846 to security-alert@hp.com.

    RESOLUTION

    HP has provided HP System Management Homepage v7.0 or subsequent to resolve the vulnerabilities.

    SMH v7.0 is available here: http://h18000.www1.hp.com/products/servers/management/agents/index.html

    HISTORY Version:1 (rev.1) 16 April 2012 Initial release

    Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

    Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.

    Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com

    Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins

    Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430

    Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/

    Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.

    3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX

    Copyright 2012 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.

    Packages for 2009.0 are provided as of the Extended Maintenance Program. The verification of md5 checksums and GPG signatures is performed automatically for you.

    All packages are signed by Mandriva for security. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


                   VMware Security Advisory
    

    Advisory ID: VMSA-2012-0001 Synopsis: VMware ESXi and ESX updates to third party library and ESX Service Console Issue date: 2012-01-30 Updated on: 2012-01-30 (initial advisory)

    CVE numbers: --- COS Kernel --- CVE-2011-0726, CVE-2011-1078, CVE-2011-1079, CVE-2011-1080, CVE-2011-1093, CVE-2011-1163, CVE-2011-1166, CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1494, CVE-2011-1495, CVE-2011-1577, CVE-2011-1763, CVE-2010-4649, CVE-2011-0695, CVE-2011-0711, CVE-2011-1044, CVE-2011-1182, CVE-2011-1573, CVE-2011-1576, CVE-2011-1593, CVE-2011-1745, CVE-2011-1746, CVE-2011-1776, CVE-2011-1936, CVE-2011-2022, CVE-2011-2213, CVE-2011-2492, CVE-2011-1780, CVE-2011-2525, CVE-2011-2689, CVE-2011-2482, CVE-2011-2491, CVE-2011-2495, CVE-2011-2517, CVE-2011-2519, CVE-2011-2901 --- COS cURL --- CVE-2011-2192 --- COS rpm --- CVE-2010-2059, CVE-2011-3378 --- COS samba --- CVE-2010-0547, CVE-2010-0787, CVE-2011-1678, CVE-2011-2522, CVE-2011-2694 --- COS python --- CVE-2009-3720, CVE-2010-3493, CVE-2011-1015, CVE-2011-1521 --- python library --- CVE-2009-3560, CVE-2009-3720, CVE-2010-1634, CVE-2010-2089, CVE-2011-1521


    1. Summary

    VMware ESXi and ESX updates to third party library and ESX Service Console address several security issues.

    1. Relevant releases

    ESXi 4.1 without patch ESXi410-201201401-SG

    ESX 4.1 without patches ESX410-201201401-SG, ESX410-201201402-SG, ESX410-201201404-SG, ESX410-201201405-SG, ESX410-201201406-SG, ESX410-201201407-SG

    1. Problem Description

    a. ESX third party update for Service Console kernel

    The ESX Service Console Operating System (COS) kernel is updated to
    kernel-2.6.18-274.3.1.el5 to fix multiple security issues in the
    COS kernel.
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the names CVE-2011-0726, CVE-2011-1078, CVE-2011-1079,
    CVE-2011-1080, CVE-2011-1093, CVE-2011-1163, CVE-2011-1166,
    CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1494,
    CVE-2011-1495, CVE-2011-1577, CVE-2011-1763, CVE-2010-4649,
    CVE-2011-0695, CVE-2011-0711, CVE-2011-1044, CVE-2011-1182,
    CVE-2011-1573, CVE-2011-1576, CVE-2011-1593, CVE-2011-1745,
    CVE-2011-1746, CVE-2011-1776, CVE-2011-1936, CVE-2011-2022,
    CVE-2011-2213, CVE-2011-2492, CVE-2011-1780, CVE-2011-2525,
    CVE-2011-2689, CVE-2011-2482, CVE-2011-2491, CVE-2011-2495,
    CVE-2011-2517, CVE-2011-2519, CVE-2011-2901 to these issues.
    
    Column 4 of the following table lists the action required to
    remediate the vulnerability in each release, if a solution is
    available.
    
    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    vCenter        any       Windows  not affected
    
    hosted *       any       any      not affected
    
    ESXi           any       ESXi     not affected
    
    ESX            4.1       ESX      ESX410-201201401-SG
    ESX            4.0       ESX      patch pending
    ESX            3.5       ESX      not applicable
    
    • hosted products are VMware Workstation, Player, ACE, Fusion.

    b. ESX third party update for Service Console cURL RPM

    The ESX Service Console (COS) curl RPM is updated to cURL-7.15.5.9
    resolving a security issues.
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the name CVE-2011-2192 to this issue.
    
    Column 4 of the following table lists the action required to
    remediate the vulnerability in each release, if a solution is
    available.
    
    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    vCenter        any       Windows  not affected
    
    hosted *       any       any      not affected
    
    ESXi           any       ESXi     not affected
    
    ESX            4.1       ESX      ESX410-201201402-SG
    ESX            4.0       ESX      patch pending
    ESX            3.5       ESX      not applicable
    
    * hosted products are VMware Workstation, Player, ACE, Fusion.
    

    c. ESX third party update for Service Console nspr and nss RPMs

    The ESX Service Console (COS) nspr and nss RPMs are updated to
    nspr-4.8.8-1.el5_7 and nss-3.12.10-4.el5_7 respectively resolving
    a security issues.
    
    A Certificate Authority (CA) issued fraudulent SSL certificates and
    Netscape Portable Runtime (NSPR) and Network Security Services (NSS)
    contain the built-in tokens of this fraudulent Certificate
    Authority. This update renders all SSL certificates signed by the
    fraudulent CA as untrusted for all uses.
    
    Column 4 of the following table lists the action required to
    remediate the vulnerability in each release, if a solution is
    available.
    
    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    vCenter        any       Windows  not affected
    
    hosted *       any       any      not affected
    
    ESXi           any       ESXi     not affected
    
    ESX            4.1       ESX      ESX410-201201404-SG
    ESX            4.0       ESX      patch pending
    ESX            3.5       ESX      not applicable
    
    * hosted products are VMware Workstation, Player, ACE, Fusion.
    

    d. ESX third party update for Service Console rpm RPMs

    The ESX Service Console Operating System (COS) rpm packages are
    updated to popt-1.10.2.3-22.el5_7.2, rpm-4.4.2.3-22.el5_7.2,
    rpm-libs-4.4.2.3-22.el5_7.2 and rpm-python-4.4.2.3-22.el5_7.2
    which fixes multiple security issues.
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the names CVE-2010-2059 and CVE-2011-3378 to these issues.
    
    Column 4 of the following table lists the action required to
    remediate the vulnerability in each release, if a solution is
    available.
    
    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    vCenter        any       Windows  not affected
    
    hosted *       any       any      not affected
    
    ESXi           any       ESXi     not affected
    
    ESX            4.1       ESX      ESX410-201201406-SG
    ESX            4.0       ESX      patch pending
    ESX            3.5       ESX      not applicable
    
    * hosted products are VMware Workstation, Player, ACE, Fusion.
    

    e. ESX third party update for Service Console samba RPMs

    The ESX Service Console Operating System (COS) samba packages are
    updated to samba-client-3.0.33-3.29.el5_7.4,
    samba-common-3.0.33-3.29.el5_7.4 and
    libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
    issues in the Samba client.
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the names CVE-2010-0547, CVE-2010-0787, CVE-2011-1678,
    CVE-2011-2522 and CVE-2011-2694 to these issues.
    
    Note that ESX does not include the Samba Web Administration Tool
    (SWAT) and therefore ESX COS is not affected by CVE-2011-2522 and
    CVE-2011-2694.
    
    Column 4 of the following table lists the action required to
    remediate the vulnerability in each release, if a solution is
    available.
    
    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    vCenter        any       Windows  not affected
    
    hosted *       any       any      not affected
    
    ESXi           any       ESXi     not affected
    
    ESX            4.1       ESX      ESX410-201201407-SG
    ESX            4.0       ESX      patch pending
    ESX            3.5       ESX      not applicable
    
    * hosted products are VMware Workstation, Player, ACE, Fusion.
    

    f. ESX third party update for Service Console python package

    The ESX Service Console (COS) python package is updated to
    2.4.3-44 which fixes multiple security issues.
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the names CVE-2009-3720, CVE-2010-3493, CVE-2011-1015 and
    CVE-2011-1521 to these issues.
    
    Column 4 of the following table lists the action required to
    remediate the vulnerability in each release, if a solution is
    available.
    
    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    vCenter        any       Windows  not affected
    
    hosted *       any       any      not affected
    
    ESXi           any       ESXi     not affected
    
    ESX            4.1       ESX      ESX410-201201405-SG
    ESX            4.0       ESX      patch pending
    ESX            3.5       ESX      not applicable
    
    * hosted products are VMware Workstation, Player, ACE, Fusion.
    

    g. ESXi update to third party component python

    The python third party library is updated to python 2.5.6 which
    fixes multiple security issues.
    
    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the names CVE-2009-3560, CVE-2009-3720, CVE-2010-1634,
    CVE-2010-2089, and CVE-2011-1521 to these issues.
    
    Column 4 of the following table lists the action required to
    remediate the vulnerability in each release, if a solution is
    available.
    
    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    vCenter        any       Windows  not affected
    
    hosted *       any       any      not affected
    
    ESXi           5.0       ESXi     patch pending
    ESXi           4.1       ESXi     ESXi410-201201401-SG
    ESXi           4.0       ESXi     patch pending
    ESXi           3.5       ESXi     patch pending
    
    ESX            4.1       ESX      not affected
    ESX            4.0       ESX      not affected
    ESX            3.5       ESX      not affected
    
    * hosted products are VMware Workstation, Player, ACE, Fusion.
    
    1. Solution

    Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.

    VMware ESXi 4.1


    ESXi410-201201401 http://downloads.vmware.com/go/selfsupport-download md5sum: BDF86F10A973346E26C9C2CD4C424E88
    sha1sum: CC0B92869A9AAE4F5E0E5B81BEE109BCD7DA780F http://kb.vmware.com/kb/2009143 ESXi410-201201401 contains ESXi410-201201401-SG

    VMware ESX 4.1


    ESX410-201201001 http://downloads.vmware.com/go/selfsupport-download md5sum: 16DF9ACD3E74BCABC2494BC23AD0927F
    sha1sum: 1066AE1436E1A75BA3D541AB65296CFB9AB7A5CC http://kb.vmware.com/kb/2009142

    ESX410-201201001 contains ESX410-201201401-SG, ESX410-201201402-SG, ESX410-201201404-SG, ESX410-201201405-SG, ESX410-201201406-SG and ESX410-201201407-SG

    1. References

    CVE numbers

    --- COS Kernel --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0726 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1078 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1079 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1080 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1093 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1170 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1171 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1172 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1494 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1495 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1577 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1763 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4649 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0695 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0711 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1044 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1182 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1573 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1576 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1593 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1745 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1746 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1776 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1936 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2022 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2213 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2492 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1780 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2525 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2689 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2482 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2491 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2495 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2517 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2519 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2901 --- COS cURL --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2192 --- COS rpm --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2059 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3378 --- COS samba --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0547 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0787 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1678 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2522 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2694 --- COS python --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3493 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1015 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1521 --- python library --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1634 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1521


    1. Change log

    2012-01-30 VMSA-2012-0001 Initial security advisory in conjunction with the release of patches for ESX 4.1 and ESXi 4.1 on 2012-01-30.


    1. Contact

    E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

    This Security Advisory is posted to the following lists:

    • security-announce at lists.vmware.com
    • bugtraq at securityfocus.com
    • full-disclosure at lists.grok.org.uk

    E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055

    VMware Security Advisories http://www.vmware.com/security/advisories

    VMware security response policy http://www.vmware.com/support/policies/security_response.html

    General support life cycle policy http://www.vmware.com/support/policies/eos.html

    VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html

    Copyright 2012 VMware Inc. All rights reserved.

    -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.8.3 (Build 4028) Charset: utf-8

    wj8DBQFPJ5DIDEcm8Vbi9kMRAnzCAKCmaAoDp49d61Mr1emzh/U0N8vbgACdFZk8 f2pLxi537s+ew4dvnYNWlJ8= =OAh4 -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-1158-1 June 24, 2011

    curl vulnerabilities

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 11.04
    • Ubuntu 10.10
    • Ubuntu 10.04 LTS
    • Ubuntu 8.04 LTS

    Summary:

    Multiple vulnerabilities in curl. (CVE-2011-2192)

    Wesley Miaw discovered that when zlib is enabled, libcurl does not properly restrict the amount of callback data sent to an application that requests automatic decompression. This might allow an attacker to cause a denial of service via an application crash or possibly execute arbitrary code with the privilege of the application. This issue only affected Ubuntu 8.04 LTS and Ubuntu 10.04 LTS. (CVE-2010-0734)

    USN 818-1 fixed an issue with curl's handling of SSL certificates with zero bytes in the Common Name. Due to a packaging error, the fix for this issue was not being applied during the build. This issue only affected Ubuntu 8.04 LTS. We apologize for the error. (CVE-2009-2417)

    Original advisory details:

    Scott Cantor discovered that curl did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 11.04: libcurl3 7.21.3-1ubuntu1.2 libcurl3-gnutls 7.21.3-1ubuntu1.2 libcurl3-nss 7.21.3-1ubuntu1.2

    Ubuntu 10.10: libcurl3 7.21.0-1ubuntu1.1 libcurl3-gnutls 7.21.0-1ubuntu1.1

    Ubuntu 10.04 LTS: libcurl3 7.19.7-1ubuntu1.1 libcurl3-gnutls 7.19.7-1ubuntu1.1

    Ubuntu 8.04 LTS: libcurl3 7.18.0-1ubuntu2.3 libcurl3-gnutls 7.18.0-1ubuntu2.3

    After a standard system update you need to restart any applications that make use of libcurl to make all the necessary changes

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "fedora",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fedoraproject",
            "version": "15"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "fedora",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fedoraproject",
            "version": "14"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.21.6"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "11.04"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "mac os x",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "apple",
            "version": "10.7.3"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "haxx",
            "version": "7.10.6"
          },
          {
            "_id": null,
            "model": "ubuntu linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "canonical",
            "version": "10.10"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "haxx",
            "version": "7.10.6 to  7.21.6"
          },
          {
            "_id": null,
            "model": "esx",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "vmware",
            "version": "3.5"
          },
          {
            "_id": null,
            "model": "esx",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "vmware",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "esx",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "vmware",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3 (x86)"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3 (x86-64)"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "asianux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "cybertrust",
            "version": "3.0 (x86-64)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (as)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (es)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4 (ws)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4.8 (as)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4.8 (es)"
          },
          {
            "_id": null,
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (server)"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5.0 (client)"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6"
          },
          {
            "_id": null,
            "model": "enterprise linux eus",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5.6.z (server)"
          },
          {
            "_id": null,
            "model": "enterprise linux hpc node",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6"
          },
          {
            "_id": null,
            "model": "enterprise linux long life",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "(v. 5.6 server)"
          },
          {
            "_id": null,
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6"
          },
          {
            "_id": null,
            "model": "enterprise linux server eus",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6.1.z"
          },
          {
            "_id": null,
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6"
          },
          {
            "_id": null,
            "model": "rhel desktop workstation",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (client)"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "curl",
            "version": "7.21.4"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "curl",
            "version": "7.21.6"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "curl",
            "version": "7.21.5"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "curl",
            "version": "7.21.1"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "curl",
            "version": "7.20.1"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "curl",
            "version": "7.20.0"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "curl",
            "version": "7.21.2"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "curl",
            "version": "7.19.7"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "curl",
            "version": "7.21.3"
          },
          {
            "_id": null,
            "model": "libcurl",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "curl",
            "version": "7.19.6"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.1.2"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "linux armel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "aura session manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.1"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "meeting exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.3"
          },
          {
            "_id": null,
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.16.4"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.6"
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7"
          },
          {
            "_id": null,
            "model": "voice portal sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "iq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.8"
          },
          {
            "_id": null,
            "model": "aura sip enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.1.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1.0-103"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.3"
          },
          {
            "_id": null,
            "model": "enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "5"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0.0.95"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.1.73"
          },
          {
            "_id": null,
            "model": "voice portal sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "linux lts",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "voice portal sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.2"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.1"
          },
          {
            "_id": null,
            "model": "meeting exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "aura communication manager utility services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0.0-95"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.15.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.7"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.10"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.10"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.14.1"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.5"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.4"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.13"
          },
          {
            "_id": null,
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "voice portal sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "communication server 1000m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6"
          },
          {
            "_id": null,
            "model": "aura session manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.11.2"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "aura sip enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.21.7"
          },
          {
            "_id": null,
            "model": "iq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.15.3"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.21.6"
          },
          {
            "_id": null,
            "model": "aura presence services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.0-68"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "11.04"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.1"
          },
          {
            "_id": null,
            "model": "hat enterprise linux hpc node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1.1"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.2"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "aura communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.2-77"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "voice portal",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1.2"
          },
          {
            "_id": null,
            "model": "communication server 1000m signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.8"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.15"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.10"
          },
          {
            "_id": null,
            "model": "communication server 1000e signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.0"
          },
          {
            "_id": null,
            "model": "hat enterprise linux hpc node optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.18"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.12.3"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.12.1"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "11.04"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "11.04"
          },
          {
            "_id": null,
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.19.3"
          },
          {
            "_id": null,
            "model": "messaging storage server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "messaging storage server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "communication server 1000e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.19"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.1"
          },
          {
            "_id": null,
            "model": "aura system platform sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "aura system platform sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.2.77"
          },
          {
            "_id": null,
            "model": "aura sip enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.18.1"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.2"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.4"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.10"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.3"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.1-73"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.15.2"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.2.1"
          },
          {
            "_id": null,
            "model": "aura session manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "aura communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2.27"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.12.2"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.19.5"
          },
          {
            "_id": null,
            "model": "ip office application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.10"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.10.7"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.14"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.19.6"
          },
          {
            "_id": null,
            "model": "aura application enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.1"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "meeting exchange",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop version",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2010.1"
          },
          {
            "_id": null,
            "model": "aura communication manager utility services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "communication server 1000m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.20"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0.96"
          },
          {
            "_id": null,
            "model": "hat enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "ip office application server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "_id": null,
            "model": "aura application server sip core",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "53002.0"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.10.6"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.2.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.2"
          },
          {
            "_id": null,
            "model": "aura communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "enterprise linux desktop workstation client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "_id": null,
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.2"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.19.4"
          },
          {
            "_id": null,
            "model": "communication server 1000e signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.12"
          },
          {
            "_id": null,
            "model": "aura sip enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1.0.103"
          },
          {
            "_id": null,
            "model": "linux lts lpia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "8.04"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "10.04"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "11.04"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.2"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.16.3"
          },
          {
            "_id": null,
            "model": "aura presence services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.3"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.11"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.3"
          },
          {
            "_id": null,
            "model": "voice portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "system management homepage b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.2.77"
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "11.04"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "aura sip enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.5"
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.4"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6"
          },
          {
            "_id": null,
            "model": "aura system manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "message networking sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "iq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "aura system manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "aura communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.1"
          },
          {
            "_id": null,
            "model": "aura system platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0.2"
          },
          {
            "_id": null,
            "model": "communication server 1000m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "communication server 1000m signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.64"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.15.5"
          },
          {
            "_id": null,
            "model": "communication server 1000e signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.17"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "messaging storage server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.11.1"
          },
          {
            "_id": null,
            "model": "communication server 1000e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "proactive contact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "iq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "aura system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.1"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.13.1"
          },
          {
            "_id": null,
            "model": "aura system manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "messaging storage server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "communication server 1000m signaling server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "aura session manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop optional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "enterprise server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "5"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "0"
          },
          {
            "_id": null,
            "model": "aura communication manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2.2"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.10.8"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.13.2"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.20.1"
          },
          {
            "_id": null,
            "model": "aura session manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "6.1.3"
          },
          {
            "_id": null,
            "model": "aura session manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "communication server 1000e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "7.5"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2009.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2.0-12"
          },
          {
            "_id": null,
            "model": "hat enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "4"
          },
          {
            "_id": null,
            "model": "stenberg curl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "daniel",
            "version": "7.20.2"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "3.0.68"
          },
          {
            "_id": null,
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "messaging storage server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.7.1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1.0.102"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2010.1"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.6.3"
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "5.0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "48434"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-322"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001894"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2192"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:haxx:libcurl",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:vmware:esx",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_eus",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_hpc_node",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_long_life",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_server_eus",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:enterprise_linux_workstation",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001894"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "\u0026amp;lt;br\u0026amp;gt;Richard Silverman",
        "sources": [
          {
            "db": "BID",
            "id": "48434"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2011-2192",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2011-2192",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "VHN-50137",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2011-2192",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2011-2192",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201106-322",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULHUB",
                "id": "VHN-50137",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50137"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-322"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001894"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2192"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests. cURL/libcURL is prone to a vulnerability that may allow attackers to spoof clients\u0027 security credentials. \nThis issue affects cURL/libcURL versions 7.10.6 through 7.21.6. \nThis is obviously a very sensitive operation, which should only be done when\nthe user explicitly so directs. \n\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 7.18.2-8lenny5. \n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 7.21.0-2. \n\nFor the testing distribution (wheezy), this problem has been fixed in\nversion 7.21.6-2. \n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 7.21.6-2. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. Summary:\n\nUpdated curl packages that fix one security issue are now available for Red\nHat Enterprise Linux 4, 5, and 6. \n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section. Relevant releases/architectures:\n\nRHEL Desktop Workstation (v. 5 client) - i386, x86_64\nRed Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64\nRed Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64\nRed Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop version 4 - i386, x86_64\nRed Hat Enterprise Linux ES version 4 - i386, ia64, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux WS version 4 - i386, ia64, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\n\n3. Description:\n\ncURL provides the libcurl library and a command line tool for downloading\nfiles from servers using various protocols, including HTTP, FTP, and LDAP. (CVE-2011-2192)\n\nUsers of curl should upgrade to these updated packages, which contain a\nbackported patch to correct this issue. All running applications using\nlibcurl must be restarted for the update to take effect. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n711454 - CVE-2011-2192 curl: Improper delegation of client credentials during GSS negotiation\n\n6. Package List:\n\nRed Hat Enterprise Linux AS version 4:\n\nSource:\nftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/curl-7.12.1-17.el4.src.rpm\n\ni386:\ncurl-7.12.1-17.el4.i386.rpm\ncurl-debuginfo-7.12.1-17.el4.i386.rpm\ncurl-devel-7.12.1-17.el4.i386.rpm\n\nia64:\ncurl-7.12.1-17.el4.i386.rpm\ncurl-7.12.1-17.el4.ia64.rpm\ncurl-debuginfo-7.12.1-17.el4.i386.rpm\ncurl-debuginfo-7.12.1-17.el4.ia64.rpm\ncurl-devel-7.12.1-17.el4.ia64.rpm\n\nppc:\ncurl-7.12.1-17.el4.ppc.rpm\ncurl-7.12.1-17.el4.ppc64.rpm\ncurl-debuginfo-7.12.1-17.el4.ppc.rpm\ncurl-debuginfo-7.12.1-17.el4.ppc64.rpm\ncurl-devel-7.12.1-17.el4.ppc.rpm\n\ns390:\ncurl-7.12.1-17.el4.s390.rpm\ncurl-debuginfo-7.12.1-17.el4.s390.rpm\ncurl-devel-7.12.1-17.el4.s390.rpm\n\ns390x:\ncurl-7.12.1-17.el4.s390.rpm\ncurl-7.12.1-17.el4.s390x.rpm\ncurl-debuginfo-7.12.1-17.el4.s390.rpm\ncurl-debuginfo-7.12.1-17.el4.s390x.rpm\ncurl-devel-7.12.1-17.el4.s390x.rpm\n\nx86_64:\ncurl-7.12.1-17.el4.i386.rpm\ncurl-7.12.1-17.el4.x86_64.rpm\ncurl-debuginfo-7.12.1-17.el4.i386.rpm\ncurl-debuginfo-7.12.1-17.el4.x86_64.rpm\ncurl-devel-7.12.1-17.el4.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop version 4:\n\nSource:\nftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/curl-7.12.1-17.el4.src.rpm\n\ni386:\ncurl-7.12.1-17.el4.i386.rpm\ncurl-debuginfo-7.12.1-17.el4.i386.rpm\ncurl-devel-7.12.1-17.el4.i386.rpm\n\nx86_64:\ncurl-7.12.1-17.el4.i386.rpm\ncurl-7.12.1-17.el4.x86_64.rpm\ncurl-debuginfo-7.12.1-17.el4.i386.rpm\ncurl-debuginfo-7.12.1-17.el4.x86_64.rpm\ncurl-devel-7.12.1-17.el4.x86_64.rpm\n\nRed Hat Enterprise Linux ES version 4:\n\nSource:\nftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/curl-7.12.1-17.el4.src.rpm\n\ni386:\ncurl-7.12.1-17.el4.i386.rpm\ncurl-debuginfo-7.12.1-17.el4.i386.rpm\ncurl-devel-7.12.1-17.el4.i386.rpm\n\nia64:\ncurl-7.12.1-17.el4.i386.rpm\ncurl-7.12.1-17.el4.ia64.rpm\ncurl-debuginfo-7.12.1-17.el4.i386.rpm\ncurl-debuginfo-7.12.1-17.el4.ia64.rpm\ncurl-devel-7.12.1-17.el4.ia64.rpm\n\nx86_64:\ncurl-7.12.1-17.el4.i386.rpm\ncurl-7.12.1-17.el4.x86_64.rpm\ncurl-debuginfo-7.12.1-17.el4.i386.rpm\ncurl-debuginfo-7.12.1-17.el4.x86_64.rpm\ncurl-devel-7.12.1-17.el4.x86_64.rpm\n\nRed Hat Enterprise Linux WS version 4:\n\nSource:\nftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/curl-7.12.1-17.el4.src.rpm\n\ni386:\ncurl-7.12.1-17.el4.i386.rpm\ncurl-debuginfo-7.12.1-17.el4.i386.rpm\ncurl-devel-7.12.1-17.el4.i386.rpm\n\nia64:\ncurl-7.12.1-17.el4.i386.rpm\ncurl-7.12.1-17.el4.ia64.rpm\ncurl-debuginfo-7.12.1-17.el4.i386.rpm\ncurl-debuginfo-7.12.1-17.el4.ia64.rpm\ncurl-devel-7.12.1-17.el4.ia64.rpm\n\nx86_64:\ncurl-7.12.1-17.el4.i386.rpm\ncurl-7.12.1-17.el4.x86_64.rpm\ncurl-debuginfo-7.12.1-17.el4.i386.rpm\ncurl-debuginfo-7.12.1-17.el4.x86_64.rpm\ncurl-devel-7.12.1-17.el4.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop (v. 5 client):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/curl-7.15.5-9.el5_6.3.src.rpm\n\ni386:\ncurl-7.15.5-9.el5_6.3.i386.rpm\ncurl-debuginfo-7.15.5-9.el5_6.3.i386.rpm\n\nx86_64:\ncurl-7.15.5-9.el5_6.3.i386.rpm\ncurl-7.15.5-9.el5_6.3.x86_64.rpm\ncurl-debuginfo-7.15.5-9.el5_6.3.i386.rpm\ncurl-debuginfo-7.15.5-9.el5_6.3.x86_64.rpm\n\nRHEL Desktop Workstation (v. 5 client):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/curl-7.15.5-9.el5_6.3.src.rpm\n\ni386:\ncurl-debuginfo-7.15.5-9.el5_6.3.i386.rpm\ncurl-devel-7.15.5-9.el5_6.3.i386.rpm\n\nx86_64:\ncurl-debuginfo-7.15.5-9.el5_6.3.i386.rpm\ncurl-debuginfo-7.15.5-9.el5_6.3.x86_64.rpm\ncurl-devel-7.15.5-9.el5_6.3.i386.rpm\ncurl-devel-7.15.5-9.el5_6.3.x86_64.rpm\n\nRed Hat Enterprise Linux (v. 5 server):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/curl-7.15.5-9.el5_6.3.src.rpm\n\ni386:\ncurl-7.15.5-9.el5_6.3.i386.rpm\ncurl-debuginfo-7.15.5-9.el5_6.3.i386.rpm\ncurl-devel-7.15.5-9.el5_6.3.i386.rpm\n\nia64:\ncurl-7.15.5-9.el5_6.3.ia64.rpm\ncurl-debuginfo-7.15.5-9.el5_6.3.ia64.rpm\ncurl-devel-7.15.5-9.el5_6.3.ia64.rpm\n\nppc:\ncurl-7.15.5-9.el5_6.3.ppc.rpm\ncurl-7.15.5-9.el5_6.3.ppc64.rpm\ncurl-debuginfo-7.15.5-9.el5_6.3.ppc.rpm\ncurl-debuginfo-7.15.5-9.el5_6.3.ppc64.rpm\ncurl-devel-7.15.5-9.el5_6.3.ppc.rpm\ncurl-devel-7.15.5-9.el5_6.3.ppc64.rpm\n\ns390x:\ncurl-7.15.5-9.el5_6.3.s390.rpm\ncurl-7.15.5-9.el5_6.3.s390x.rpm\ncurl-debuginfo-7.15.5-9.el5_6.3.s390.rpm\ncurl-debuginfo-7.15.5-9.el5_6.3.s390x.rpm\ncurl-devel-7.15.5-9.el5_6.3.s390.rpm\ncurl-devel-7.15.5-9.el5_6.3.s390x.rpm\n\nx86_64:\ncurl-7.15.5-9.el5_6.3.i386.rpm\ncurl-7.15.5-9.el5_6.3.x86_64.rpm\ncurl-debuginfo-7.15.5-9.el5_6.3.i386.rpm\ncurl-debuginfo-7.15.5-9.el5_6.3.x86_64.rpm\ncurl-devel-7.15.5-9.el5_6.3.i386.rpm\ncurl-devel-7.15.5-9.el5_6.3.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/curl-7.19.7-26.el6_1.1.src.rpm\n\ni386:\ncurl-7.19.7-26.el6_1.1.i686.rpm\ncurl-debuginfo-7.19.7-26.el6_1.1.i686.rpm\nlibcurl-7.19.7-26.el6_1.1.i686.rpm\n\nx86_64:\ncurl-7.19.7-26.el6_1.1.x86_64.rpm\ncurl-debuginfo-7.19.7-26.el6_1.1.i686.rpm\ncurl-debuginfo-7.19.7-26.el6_1.1.x86_64.rpm\nlibcurl-7.19.7-26.el6_1.1.i686.rpm\nlibcurl-7.19.7-26.el6_1.1.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/curl-7.19.7-26.el6_1.1.src.rpm\n\ni386:\ncurl-debuginfo-7.19.7-26.el6_1.1.i686.rpm\nlibcurl-devel-7.19.7-26.el6_1.1.i686.rpm\n\nx86_64:\ncurl-debuginfo-7.19.7-26.el6_1.1.i686.rpm\ncurl-debuginfo-7.19.7-26.el6_1.1.x86_64.rpm\nlibcurl-devel-7.19.7-26.el6_1.1.i686.rpm\nlibcurl-devel-7.19.7-26.el6_1.1.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/curl-7.19.7-26.el6_1.1.src.rpm\n\nx86_64:\ncurl-7.19.7-26.el6_1.1.x86_64.rpm\ncurl-debuginfo-7.19.7-26.el6_1.1.i686.rpm\ncurl-debuginfo-7.19.7-26.el6_1.1.x86_64.rpm\nlibcurl-7.19.7-26.el6_1.1.i686.rpm\nlibcurl-7.19.7-26.el6_1.1.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/curl-7.19.7-26.el6_1.1.src.rpm\n\nx86_64:\ncurl-debuginfo-7.19.7-26.el6_1.1.i686.rpm\ncurl-debuginfo-7.19.7-26.el6_1.1.x86_64.rpm\nlibcurl-devel-7.19.7-26.el6_1.1.i686.rpm\nlibcurl-devel-7.19.7-26.el6_1.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/curl-7.19.7-26.el6_1.1.src.rpm\n\ni386:\ncurl-7.19.7-26.el6_1.1.i686.rpm\ncurl-debuginfo-7.19.7-26.el6_1.1.i686.rpm\nlibcurl-7.19.7-26.el6_1.1.i686.rpm\nlibcurl-devel-7.19.7-26.el6_1.1.i686.rpm\n\nppc64:\ncurl-7.19.7-26.el6_1.1.ppc64.rpm\ncurl-debuginfo-7.19.7-26.el6_1.1.ppc.rpm\ncurl-debuginfo-7.19.7-26.el6_1.1.ppc64.rpm\nlibcurl-7.19.7-26.el6_1.1.ppc.rpm\nlibcurl-7.19.7-26.el6_1.1.ppc64.rpm\nlibcurl-devel-7.19.7-26.el6_1.1.ppc.rpm\nlibcurl-devel-7.19.7-26.el6_1.1.ppc64.rpm\n\ns390x:\ncurl-7.19.7-26.el6_1.1.s390x.rpm\ncurl-debuginfo-7.19.7-26.el6_1.1.s390.rpm\ncurl-debuginfo-7.19.7-26.el6_1.1.s390x.rpm\nlibcurl-7.19.7-26.el6_1.1.s390.rpm\nlibcurl-7.19.7-26.el6_1.1.s390x.rpm\nlibcurl-devel-7.19.7-26.el6_1.1.s390.rpm\nlibcurl-devel-7.19.7-26.el6_1.1.s390x.rpm\n\nx86_64:\ncurl-7.19.7-26.el6_1.1.x86_64.rpm\ncurl-debuginfo-7.19.7-26.el6_1.1.i686.rpm\ncurl-debuginfo-7.19.7-26.el6_1.1.x86_64.rpm\nlibcurl-7.19.7-26.el6_1.1.i686.rpm\nlibcurl-7.19.7-26.el6_1.1.x86_64.rpm\nlibcurl-devel-7.19.7-26.el6_1.1.i686.rpm\nlibcurl-devel-7.19.7-26.el6_1.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/curl-7.19.7-26.el6_1.1.src.rpm\n\ni386:\ncurl-7.19.7-26.el6_1.1.i686.rpm\ncurl-debuginfo-7.19.7-26.el6_1.1.i686.rpm\nlibcurl-7.19.7-26.el6_1.1.i686.rpm\nlibcurl-devel-7.19.7-26.el6_1.1.i686.rpm\n\nx86_64:\ncurl-7.19.7-26.el6_1.1.x86_64.rpm\ncurl-debuginfo-7.19.7-26.el6_1.1.i686.rpm\ncurl-debuginfo-7.19.7-26.el6_1.1.x86_64.rpm\nlibcurl-7.19.7-26.el6_1.1.i686.rpm\nlibcurl-7.19.7-26.el6_1.1.x86_64.rpm\nlibcurl-devel-7.19.7-26.el6_1.1.i686.rpm\nlibcurl-devel-7.19.7-26.el6_1.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-2192.html\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttp://curl.haxx.se/docs/adv_20110623.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e.  More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2012-02-01-1 OS X Lion v10.7.3 and Security Update 2012-001\n\nOS X Lion v10.7.3 and Security Update 2012-001 is now available and\naddresses the following:\n\nAddress Book\nAvailable for:  OS X Lion v10.7 to v10.7.2,\nOS X Lion Server v10.7 to v10.7.2\nImpact:  An attacker in a privileged network position may intercept\nCardDAV data\nDescription:  Address Book supports Secure Sockets Layer (SSL) for\naccessing CardDAV. A downgrade issue caused Address Book to attempt\nan unencrypted connection if an encrypted connection failed. An\nattacker in a privileged network position could abuse this behavior\nto intercept CardDAV data. This issue is addressed by not downgrading\nto an unencrypted connection without user approval. \nCVE-ID\nCVE-2011-3444 : Bernard Desruisseaux of Oracle Corporation\n\nApache\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\nImpact:  Multiple vulnerabilities in Apache\nDescription:  Apache is updated to version 2.2.21 to address several\nvulnerabilities, the most serious of which may lead to a denial of\nservice. Further information is available via the Apache web site at\nhttp://httpd.apache.org/\nCVE-ID\nCVE-2011-3348\n\nApache\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\nImpact:  An attacker may be able to decrypt data protected by SSL\nDescription:  There are known attacks on the confidentiality of SSL\n3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. \nApache disabled the \u0027empty fragment\u0027 countermeasure which prevented\nthese attacks. This issue is addressed by providing a configuration\nparameter to control the countermeasure and enabling it by default. \nCVE-ID\nCVE-2011-3389\n\nCFNetwork\nAvailable for:  OS X Lion v10.7 to v10.7.2,\nOS X Lion Server v10.7 to v10.7.2\nImpact:  Visiting a maliciously crafted website may lead to the\ndisclosure of sensitive information\nDescription:  An issue existed in CFNetwork\u0027s handling of malformed\nURLs. When accessing a maliciously crafted URL, CFNetwork could send\nthe request to an incorrect origin server. This issue does not affect\nsystems prior to OS X Lion. \nCVE-ID\nCVE-2011-3246 : Erling Ellingsen of Facebook\n\nCFNetwork\nAvailable for:  OS X Lion v10.7 to v10.7.2,\nOS X Lion Server v10.7 to v10.7.2\nImpact:  Visiting a maliciously crafted website may lead to the\ndisclosure of sensitive information\nDescription:  An issue existed in CFNetwork\u0027s handling of malformed\nURLs. When accessing a maliciously crafted URL, CFNetwork could send\nunexpected request headers. This issue does not affect systems prior\nto OS X Lion. \nCVE-ID\nCVE-2011-3447 : Erling Ellingsen of Facebook\n\nColorSync\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact:  Viewing a maliciously crafted image with an embedded\nColorSync profile may lead to an unexpected application termination\nor arbitrary code execution\nDescription:  An integer overflow existed in the handling of images\nwith an embedded ColorSync profile, which may lead to a heap buffer\noverflow. This issue does not affect OS X Lion systems. \nCVE-ID\nCVE-2011-0200 : binaryproof working with TippingPoint\u0027s Zero Day\nInitiative\n\nCoreAudio\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact:  Playing maliciously crafted audio content may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A buffer overflow existed in the handling of AAC\nencoded audio streams. This issue does not affect OS X Lion systems. \nCVE-ID\nCVE-2011-3252 : Luigi Auriemma working with TippingPoint\u0027s Zero Day\nInitiative\n\nCoreMedia\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\nImpact:  Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A heap buffer overflow existed in CoreMedia\u0027s handling\nof H.264 encoded movie files. \nCVE-ID\nCVE-2011-3448 : Scott Stender of iSEC Partners\n\nCoreText\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\nImpact:  Viewing or downloading a document containing a maliciously\ncrafted embedded font may lead to an unexpected application\ntermination or arbitrary code execution\nDescription:  A use after free issue existed in the handling of font\nfiles. \nCVE-ID\nCVE-2011-3449 : Will Dormann of the CERT/CC\n\nCoreUI\nAvailable for:  OS X Lion v10.7 to v10.7.2,\nOS X Lion Server v10.7 to v10.7.2\nImpact:  Visiting a malicious website may lead to an unexpected\napplication termination or arbitrary code execution\nDescription:  An unbounded stack allocation issue existed in the\nhandling of long URLs. This issue does not affect systems prior to OS\nX Lion. \nCVE-ID\nCVE-2011-3450 : Ben Syverson\n\ncurl\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\nImpact:  A remote server may be able to impersonate clients via\nGSSAPI requests\nDescription:  When doing GSSAPI authentication, libcurl\nunconditionally performs credential delegation. This issue is\naddressed by disabling GSSAPI credential delegation. \nCVE-ID\nCVE-2011-2192\n\nData Security\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\nImpact:  An attacker with a privileged network position may intercept\nuser credentials or other sensitive information\nDescription:  Two certificate authorities in the list of trusted root\ncertificates have independently issued intermediate certificates to\nDigiCert Malaysia. DigiCert Malaysia has issued certificates with\nweak keys that it is unable to revoke. An attacker with a privileged\nnetwork position could intercept user credentials or other sensitive\ninformation intended for a site with a certificate issued by DigiCert\nMalaysia. This issue is addressed by configuring default system trust\nsettings so that DigiCert Malaysia\u0027s certificates are not trusted. We\nwould like to acknowledge Bruce Morton of Entrust, Inc. \n\ndovecot\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\nImpact:  An attacker may be able to decrypt data protected by SSL\nDescription:  There are known attacks on the confidentiality of SSL\n3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. \nDovecot disabled the \u0027empty fragment\u0027 countermeasure which prevented\nthese attacks. This issue is addressed by enabling the\ncountermeasure. \nCVE-ID\nCVE-2011-3389 : Apple\n\nfilecmds\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\nImpact:  Decompressing a maliciously crafted compressed file may lead\nto an unexpected application termination or arbitrary code execution\nDescription:  A buffer overflow existed in the \u0027uncompress\u0027 command\nline tool. \nCVE-ID\nCVE-2011-2895\n\nImageIO\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact:  Viewing a maliciously crafted TIFF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A buffer overflow existed in ImageIO\u0027s handling of\nCCITT Group 4 encoded TIFF files. This issue does not affect OS X\nLion systems. \nCVE-ID\nCVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies\n\nImageIO\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\nImpact:  Viewing a maliciously crafted TIFF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A buffer overflow existed in libtiff\u0027s handling of\nThunderScan encoded TIFF images. This issue is address by updating\nlibtiff to version 3.9.5. \nCVE-ID\nCVE-2011-1167\n\nImageIO\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\nImpact:  Multiple vulnerabilities in libpng 1.5.4\nDescription:  libpng is updated to version 1.5.5 to address multiple\nvulnerabilities, the most serious of which may lead to arbitrary code\nexecution. Further information is available via the libpng website at\nhttp://www.libpng.org/pub/png/libpng.html\nCVE-ID\nCVE-2011-3328\n\nInternet Sharing\nAvailable for:  OS X Lion v10.7 to v10.7.2,\nOS X Lion Server v10.7 to v10.7.2\nImpact:  A Wi-Fi network created by Internet Sharing may lose\nsecurity settings after a system update\nDescription:  After updating to a version of OS X Lion prior to\n10.7.3, the Wi-Fi configuration used by Internet Sharing may revert\nto factory defaults, which disables the WEP password. This issue only\naffects systems with Internet Sharing enabled and sharing the\nconnection to Wi-Fi. This issue is addressed by preserving the Wi-Fi\nconfiguration during a system update. \nCVE-ID\nCVE-2011-3452 : an anonymous researcher\n\nLibinfo\nAvailable for:  OS X Lion v10.7 to v10.7.2,\nOS X Lion Server v10.7 to v10.7.2\nImpact:  Visiting a maliciously crafted website may lead to the\ndisclosure of sensitive information\nDescription:  An issue existed in Libinfo\u0027s handling of hostname\nlookup requests. Libinfo could return incorrect results for a\nmaliciously crafted hostname. This issue does not affect systems\nprior to OS X Lion. \nCVE-ID\nCVE-2011-3441 : Erling Ellingsen of Facebook\n\nlibresolv\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\nImpact:  Applications that use OS X\u0027s libresolv library may be\nvulnerable to an unexpected application termination or arbitrary code\nexecution\nDescription:  An integer overflow existed in the parsing of DNS\nresource records, which may lead to heap memory corruption. \nCVE-ID\nCVE-2011-3453 : Ilja van Sprundel of IOActive\n\nlibsecurity\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\nImpact:  Some EV certificates may be trusted even if the\ncorresponding root has been marked as untrusted\nDescription:  The certificate code trusted a root certificate to sign\nEV certificates if it was on the list of known EV issuers, even if\nthe user had marked it as \u0027Never Trust\u0027 in Keychain. The root would\nnot be trusted to sign non-EV certificates. \nCVE-ID\nCVE-2011-3422 : Alastair Houghton\n\nOpenGL\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\nImpact:  Applications that use OS X\u0027s OpenGL implementation may be\nvulnerable to an unexpected application termination or arbitrary code\nexecution\nDescription:  Multiple memory corruption issues existed in the\nhandling of GLSL compilation. \nCVE-ID\nCVE-2011-3457 : Chris Evans of the Google Chrome Security Team, and\nMarc Schoenefeld of the Red Hat Security Response Team\n\nPHP\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\nImpact:  Multiple vulnerabilities in PHP 5.3.6\nDescription:  PHP is updated to version 5.3.8 to address several\nvulnerabilities, the most serious of which may lead to arbitrary code\nexecution. Further information is available via the PHP web site at\nhttp://www.php.net\nCVE-ID\nCVE-2011-1148\nCVE-2011-1657\nCVE-2011-1938\nCVE-2011-2202\nCVE-2011-2483\nCVE-2011-3182\nCVE-2011-3189\nCVE-2011-3267\nCVE-2011-3268\n\nPHP\nAvailable for:  OS X Lion v10.7 to v10.7.2,\nOS X Lion Server v10.7 to v10.7.2\nImpact:  Viewing a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A memory corruption issue existed in FreeType\u0027s\nhandling of Type 1 fonts. Further information is available via the\nFreeType site at http://www.freetype.org/\nCVE-ID\nCVE-2011-3256 : Apple\n\nPHP\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\nImpact:  Multiple vulnerabilities in libpng 1.5.4\nDescription:  libpng is updated to version 1.5.5 to address multiple\nvulnerabilities, the most serious of which may lead to arbitrary code\nexecution. Further information is available via the libpng website at\nhttp://www.libpng.org/pub/png/libpng.html\nCVE-ID\nCVE-2011-3328\n\nQuickTime\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\nImpact:  Opening a maliciously crafted MP4 encoded file may lead to\nan unexpected application termination or arbitrary code execution\nDescription:  An uninitialized memory access issue existed in the\nhandling of MP4 encoded files. \nCVE-ID\nCVE-2011-3458 : Luigi Auriemma and pa_kt both working with\nTippingPoint\u0027s Zero Day Initiative\n\nQuickTime\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\nImpact:  Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A signedness issue existed in the handling of font\ntables embedded in QuickTime movie files. \nCVE-ID\nCVE-2011-3248 : Luigi Auriemma working with TippingPoint\u0027s Zero Day\nInitiative\n\nQuickTime\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\nImpact:  Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  An off by one buffer overflow existed in the handling\nof rdrf atoms in QuickTime movie files. \nCVE-ID\nCVE-2011-3459 : Luigi Auriemma working with TippingPoint\u0027s Zero Day\nInitiative\n\nQuickTime\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\nImpact:  Viewing a maliciously crafted JPEG2000 image file may lead\nto an unexpected application termination or arbitrary code execution\nDescription:  A buffer overflow existed in the handling of JPEG2000\nfiles. \nCVE-ID\nCVE-2011-3250 : Luigi Auriemma working with TippingPoint\u0027s Zero Day\nInitiative\n\nQuickTime\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\nImpact:  Processing a maliciously crafted PNG image may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A buffer overflow existed in the handling of PNG files. \nCVE-ID\nCVE-2011-3460 : Luigi Auriemma working with TippingPoint\u0027s Zero Day\nInitiative\n\nQuickTime\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\nImpact:  Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A buffer overflow existed in the handling of FLC\nencoded movie files\nCVE-ID\nCVE-2011-3249 : Matt \u0027j00ru\u0027 Jurczyk working with TippingPoint\u0027s Zero\nDay Initiative\n\nSquirrelMail\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact:  Multiple vulnerabilities in SquirrelMail\nDescription:  SquirrelMail is updated to version 1.4.22 to address\nseveral vulnerabilities, the most serious of which is a cross-site\nscripting issue. This issue does not affect OS X Lion systems. \nFurther information is available via the SquirrelMail web site at\nhttp://www.SquirrelMail.org/\nCVE-ID\nCVE-2010-1637\nCVE-2010-2813\nCVE-2010-4554\nCVE-2010-4555\nCVE-2011-2023\n\nSubversion\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\nImpact:  Accessing a Subversion repository may lead to the disclosure\nof sensitive information\nDescription:  Subversion is updated to version 1.6.17 to address\nmultiple vulnerabilities, the most serious of which may lead to the\ndisclosure of sensitive information. Further information is available\nvia the Subversion web site at http://subversion.tigris.org/\nCVE-ID\nCVE-2011-1752\nCVE-2011-1783\nCVE-2011-1921\n\nTime Machine\nAvailable for:  OS X Lion v10.7 to v10.7.2,\nOS X Lion Server v10.7 to v10.7.2\nImpact:  A remote attacker may access new backups created by the\nuser\u0027s system\nDescription:  The user may designate a remote AFP volume or Time\nCapsule to be used for Time Machine backups. Time Machine did not\nverify that the same device was being used for subsequent backup\noperations. An attacker who is able to spoof the remote volume could\ngain access to new backups created by the user\u0027s system. This issue\nis addressed by verifying the unique identifier associated with a\ndisk for backup operations. \nCVE-ID\nCVE-2011-3462 : Michael Roitzsch of the Technische Universitat\nDresden\n\nTomcat\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact:  Multiple vulnerabilities in Tomcat 6.0.32\nDescription:  Tomcat is updated to version 6.0.33 to address multiple\nvulnerabilities, the most serious of which may lead to the disclosure\nof sensitive information. Tomcat is only provided on Mac OS X Server\nsystems. This issue does not affect OS X Lion systems. Further\ninformation is available via the Tomcat site at\nhttp://tomcat.apache.org/\nCVE-ID\nCVE-2011-2204\n\nWebDAV Sharing\nAvailable for:  OS X Lion Server v10.7 to v10.7.2\nImpact:  Local users may obtain system privileges\nDescription:  An issue existed in WebDAV Sharing\u0027s handling of user\nauthentication. A user with a valid account on the server or one of\nits bound directories could cause the execution of arbitrary code\nwith system privileges. This issue does not affect systems prior to\nOS X Lion. \nCVE-ID\nCVE-2011-3463 : Gordon Davisson of Crywolf\n\nWebmail\nAvailable for:  OS X Lion v10.7 to v10.7.2,\nOS X Lion Server v10.7 to v10.7.2\nImpact:  Viewing a maliciously crafted e-mail message may lead to the\ndisclosure of message content\nDescription:  A cross-site scripting vulnerability existed in the\nhandling of mail messages. This issue is addressed by updating\nRoundcube Webmail to version 0.6. This issue does not affect systems\nprior to OS X Lion. Further information is available via the\nRoundcube site at http://trac.roundcube.net/\nCVE-ID\nCVE-2011-2937\n\nX11\nAvailable for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\nImpact:  Viewing a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A memory corruption issue existed in FreeType\u0027s\nhandling of Type 1 fonts. Further information is available via the\nFreeType site at http://www.freetype.org/\nCVE-ID\nCVE-2011-3256 : Apple\n\nOS X Lion v10.7.3 and Security Update 2012-001 may be obtained from\nthe Software Update pane in System Preferences, or Apple\u0027s Software\nDownloads web site:\nhttp://www.apple.com/support/downloads/\n\nThe Software Update utility will present the update that applies\nto your system configuration. Only one is needed, either\nSecurity Update 2021-001 or OS X v10.7.3. \n\nFor OS X Lion v10.7.2\nThe download file is named: MacOSXUpd10.7.3.dmg\nIts SHA-1 digest is: 7102fe8f9f47286c45dfa35f6e84e7f730493a7c\n\nFor OS X Lion v10.7 and v10.7.1\nThe download file is named: MacOSXUpdCombo10.7.3.dmg\nIts SHA-1 digest is: 07dfce300f6801eb63d9ac13e0bec84e1862a16c\n\nFor OS X Lion Server v10.7.2\nThe download file is named: MacOSXServerUpd10.7.3.dmg\nIts SHA-1 digest is: 55a9571635d4ec088c142d68132d0d69fcb8867d\n\nFor OS X Lion Server v10.7 and v10.7.1\nThe download file is named: MacOSXServerUpdCombo10.7.3.dmg\nIts SHA-1 digest is: 2c87824f09734499ea166ea0617a3ac21ecf832b\n\nFor Mac OS X v10.6.8\nThe download file is named: SecUpd2012-001Snow.dmg\nIts SHA-1 digest is: 40875ee8cb609bbaefc8f421a9c34cc353db42b8\n\nFor Mac OS X Server v10.6.8\nThe download file is named: SecUpdSrvr2012-001.dmg\nIts SHA-1 digest is: 53b3ca5548001a9920aeabed4a034c6e4657fe20\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.16 (Darwin)\n\niQEcBAEBAgAGBQJPKYxNAAoJEGnF2JsdZQeeLiIIAMLhH2ipDFrhCsw/n4VDeF1V\nP6jSkGXC9tBBVMvw1Xq4c2ok4SI34bDfMlURAVR+dde/h6nIZR24aLQVoDLjJuIp\nRrO2dm1nQeozLJSx2NbxhVh54BucJdKp4xS1GkDNxkqcdh04RE9hRURXdKagnfGy\n9P8QQPOQmKAiWos/LYhCPDInMfrpVNvEVwP8MCDP15g6hylN4De/Oyt7ZshPshSf\nMnAFObfBTGX5KioVqTyfdlBkKUfdXHJux61QEFHn8eadX6+/6IuKbUvK9B0icc8E\npvbjOxQatFRps0KNWeIsKQc5i6iQoJhocAiIy6Y6LCuZQuSXCImY2RWXkVYzbWo=\n=c1eU\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c03280632\nVersion: 1\n\nHPSBMU02764 SSRT100827 rev.1 - HP System Management Homepage (SMH) Running on Linux and Windows, Remote Cross Site Request Forgery (CSRF), Denial of Service (DoS), Execution of Arbitrary Code, Other Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2012-04-16\nLast Updated: 2012-04-16\n\nPotential Security Impact: Remote cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, other vulnerabilities\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely and locally resulting in cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, and other vulnerabilities. \nHP System Management Homepage (SMH) before v7.0 running on Linux and Windows. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n  Reference              Base Vector             Base Score\nCVE-2009-0037    (AV:N/AC:M/Au:N/C:P/I:P/A:P)        6.8\nCVE-2010-0734    (AV:N/AC:M/Au:N/C:P/I:P/A:P)        6.8\nCVE-2010-1452    (AV:N/AC:L/Au:N/C:N/I:N/A:P)        5.0\nCVE-2010-1623    (AV:N/AC:L/Au:N/C:N/I:N/A:P)        5.0\nCVE-2010-2068    (AV:N/AC:L/Au:N/C:P/I:N/A:N)        5.0\nCVE-2010-2791    (AV:N/AC:L/Au:N/C:P/I:N/A:N)        5.0\nCVE-2010-3436    (AV:N/AC:L/Au:N/C:N/I:P/A:N)        5.0\nCVE-2010-4409    (AV:N/AC:L/Au:N/C:N/I:N/A:P)        5.0\nCVE-2010-4645    (AV:N/AC:L/Au:N/C:N/I:N/A:P)        5.0\nCVE-2011-0014    (AV:N/AC:L/Au:N/C:N/I:N/A:P)        5.0\nCVE-2011-0195    (AV:N/AC:M/Au:N/C:P/I:N/A:N)        4.3\nCVE-2011-0419    (AV:N/AC:M/Au:N/C:N/I:N/A:P)        4.3\nCVE-2011-1148    (AV:N/AC:L/Au:N/C:P/I:P/A:P)        7.5\nCVE-2011-1153    (AV:N/AC:L/Au:N/C:P/I:P/A:P)        7.5\nCVE-2011-1464    (AV:N/AC:M/Au:N/C:N/I:N/A:P)        4.3\nCVE-2011-1467    (AV:N/AC:L/Au:N/C:N/I:N/A:P)        5.0\nCVE-2011-1468    (AV:N/AC:M/Au:N/C:N/I:N/A:P)        4.3\nCVE-2011-1470    (AV:N/AC:M/Au:N/C:N/I:N/A:P)        4.3\nCVE-2011-1471    (AV:N/AC:M/Au:N/C:N/I:N/A:P)        4.3\nCVE-2011-1928    (AV:N/AC:M/Au:N/C:N/I:N/A:P)        4.3\nCVE-2011-1938    (AV:N/AC:L/Au:N/C:P/I:P/A:P)        7.5\nCVE-2011-1945    (AV:N/AC:H/Au:N/C:P/I:N/A:N)        2.6\nCVE-2011-2192    (AV:N/AC:M/Au:N/C:P/I:N/A:N)        4.3\nCVE-2011-2202    (AV:N/AC:L/Au:N/C:N/I:P/A:P)        6.4\nCVE-2011-2483    (AV:N/AC:L/Au:N/C:P/I:N/A:N)        5.0\nCVE-2011-3182    (AV:N/AC:L/Au:N/C:N/I:N/A:P)        5.0\nCVE-2011-3189    (AV:N/AC:M/Au:N/C:P/I:N/A:N)        4.3\nCVE-2011-3192    (AV:N/AC:L/Au:N/C:N/I:N/A:C)        7.8\nCVE-2011-3267    (AV:N/AC:L/Au:N/C:N/I:N/A:P)        5.0\nCVE-2011-3268    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2011-3207    (AV:N/AC:L/Au:N/C:N/I:P/A:N)        5.0\nCVE-2011-3210    (AV:N/AC:L/Au:N/C:N/I:N/A:P)        5.0\nCVE-2011-3348    (AV:N/AC:M/Au:N/C:N/I:N/A:P)        4.3\nCVE-2011-3368    (AV:N/AC:L/Au:N/C:P/I:N/A:N)        5.0\nCVE-2011-3639    (AV:N/AC:M/Au:N/C:N/I:P/A:N)        4.3\nCVE-2011-3846    (AV:N/AC:M/Au:N/C:P/I:P/A:P)        6.8\nCVE-2011-4317    (AV:N/AC:M/Au:N/C:N/I:P/A:N)        4.3\nCVE-2012-0135    (AV:N/AC:M/Au:S/C:N/I:N/A:P)        3.5\nCVE-2012-1993    (AV:L/AC:L/Au:S/C:P/I:P/A:N)        3.2\n===========================================================\n             Information on CVSS is documented\n            in HP Customer Notice: HPSN-2008-002\n\nThe Hewlett-Packard Company thanks Sow Ching Shiong coordinating with Secunia for reporting CVE-2011-3846 to security-alert@hp.com. \n\nRESOLUTION\n\nHP has provided HP System Management Homepage v7.0 or subsequent to resolve the vulnerabilities. \n\nSMH v7.0 is available here: http://h18000.www1.hp.com/products/servers/management/agents/index.html\n\nHISTORY\nVersion:1 (rev.1) 16 April 2012 Initial release\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel.  For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in the title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2012 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n \n Packages for 2009.0 are provided as of the Extended Maintenance\n Program.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n ----------------------------------------------------------------------\n                   VMware Security Advisory\n\nAdvisory ID: VMSA-2012-0001\nSynopsis:    VMware ESXi and ESX updates to third party library\n             and ESX Service Console\nIssue date:  2012-01-30\nUpdated on:  2012-01-30 (initial advisory)\n\nCVE numbers: --- COS Kernel ---\n             CVE-2011-0726, CVE-2011-1078, CVE-2011-1079,\n             CVE-2011-1080, CVE-2011-1093, CVE-2011-1163,\n             CVE-2011-1166, CVE-2011-1170, CVE-2011-1171,\n             CVE-2011-1172, CVE-2011-1494, CVE-2011-1495,\n             CVE-2011-1577, CVE-2011-1763, CVE-2010-4649,\n             CVE-2011-0695, CVE-2011-0711, CVE-2011-1044,\n             CVE-2011-1182, CVE-2011-1573, CVE-2011-1576,\n             CVE-2011-1593, CVE-2011-1745, CVE-2011-1746,\n             CVE-2011-1776, CVE-2011-1936, CVE-2011-2022,\n             CVE-2011-2213, CVE-2011-2492, CVE-2011-1780,\n             CVE-2011-2525, CVE-2011-2689, CVE-2011-2482,\n             CVE-2011-2491, CVE-2011-2495, CVE-2011-2517,\n             CVE-2011-2519, CVE-2011-2901\n             --- COS cURL ---\n             CVE-2011-2192\n             --- COS rpm ---\n             CVE-2010-2059, CVE-2011-3378\n             --- COS samba ---\n             CVE-2010-0547, CVE-2010-0787, CVE-2011-1678,\n             CVE-2011-2522, CVE-2011-2694\n             --- COS python ---\n             CVE-2009-3720, CVE-2010-3493, CVE-2011-1015,\n             CVE-2011-1521\n             --- python library ---\n             CVE-2009-3560, CVE-2009-3720, CVE-2010-1634,\n             CVE-2010-2089, CVE-2011-1521\n ----------------------------------------------------------------------\n\n1. Summary\n\n   VMware ESXi and ESX updates to third party library and ESX Service\n   Console address several security issues. \n\n2. Relevant releases\n\n   ESXi 4.1 without patch ESXi410-201201401-SG\n\n   ESX 4.1 without patches ESX410-201201401-SG, ESX410-201201402-SG,\n                           ESX410-201201404-SG, ESX410-201201405-SG,\n                           ESX410-201201406-SG, ESX410-201201407-SG\n\n3. Problem Description\n\n a. ESX third party update for Service Console kernel\n\n    The ESX Service Console Operating System (COS) kernel is updated to\n    kernel-2.6.18-274.3.1.el5 to fix multiple security issues in the\n    COS kernel. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n    assigned the names CVE-2011-0726, CVE-2011-1078, CVE-2011-1079,\n    CVE-2011-1080, CVE-2011-1093, CVE-2011-1163, CVE-2011-1166,\n    CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1494,\n    CVE-2011-1495, CVE-2011-1577, CVE-2011-1763, CVE-2010-4649,\n    CVE-2011-0695, CVE-2011-0711, CVE-2011-1044, CVE-2011-1182,\n    CVE-2011-1573, CVE-2011-1576, CVE-2011-1593, CVE-2011-1745,\n    CVE-2011-1746, CVE-2011-1776, CVE-2011-1936, CVE-2011-2022,\n    CVE-2011-2213, CVE-2011-2492, CVE-2011-1780, CVE-2011-2525,\n    CVE-2011-2689, CVE-2011-2482, CVE-2011-2491, CVE-2011-2495,\n    CVE-2011-2517, CVE-2011-2519, CVE-2011-2901 to these issues. \n\n    Column 4 of the following table lists the action required to\n    remediate the vulnerability in each release, if a solution is\n    available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    vCenter        any       Windows  not affected\n\n    hosted *       any       any      not affected\n\n    ESXi           any       ESXi     not affected\n\n    ESX            4.1       ESX      ESX410-201201401-SG\n    ESX            4.0       ESX      patch pending\n    ESX            3.5       ESX      not applicable\n\n  * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n b. ESX third party update for Service Console cURL RPM\n\n    The ESX Service Console (COS) curl RPM is updated to cURL-7.15.5.9\n    resolving a security issues. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n    assigned the name CVE-2011-2192 to this issue. \n\n    Column 4 of the following table lists the action required to\n    remediate the vulnerability in each release, if a solution is\n    available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    vCenter        any       Windows  not affected\n\n    hosted *       any       any      not affected\n\n    ESXi           any       ESXi     not affected\n\n    ESX            4.1       ESX      ESX410-201201402-SG\n    ESX            4.0       ESX      patch pending\n    ESX            3.5       ESX      not applicable\n\n    * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n c. ESX third party update for Service Console nspr and nss RPMs\n\n    The ESX Service Console (COS) nspr and nss RPMs are updated to\n    nspr-4.8.8-1.el5_7 and nss-3.12.10-4.el5_7 respectively resolving\n    a security issues. \n\n    A Certificate Authority (CA) issued fraudulent SSL certificates and\n    Netscape Portable Runtime (NSPR) and Network Security Services (NSS)\n    contain the built-in tokens of this fraudulent Certificate\n    Authority. This update renders all SSL certificates signed by the\n    fraudulent CA as untrusted for all uses. \n\n    Column 4 of the following table lists the action required to\n    remediate the vulnerability in each release, if a solution is\n    available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    vCenter        any       Windows  not affected\n\n    hosted *       any       any      not affected\n\n    ESXi           any       ESXi     not affected\n\n    ESX            4.1       ESX      ESX410-201201404-SG\n    ESX            4.0       ESX      patch pending\n    ESX            3.5       ESX      not applicable\n\n    * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n d. ESX third party update for Service Console rpm RPMs\n\n    The ESX Service Console Operating System (COS) rpm packages are\n    updated to popt-1.10.2.3-22.el5_7.2, rpm-4.4.2.3-22.el5_7.2,\n    rpm-libs-4.4.2.3-22.el5_7.2 and rpm-python-4.4.2.3-22.el5_7.2\n    which fixes multiple security issues. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n    assigned the names CVE-2010-2059 and CVE-2011-3378 to these issues. \n\n    Column 4 of the following table lists the action required to\n    remediate the vulnerability in each release, if a solution is\n    available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    vCenter        any       Windows  not affected\n\n    hosted *       any       any      not affected\n\n    ESXi           any       ESXi     not affected\n\n    ESX            4.1       ESX      ESX410-201201406-SG\n    ESX            4.0       ESX      patch pending\n    ESX            3.5       ESX      not applicable\n\n    * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n\n e. ESX third party update for Service Console samba RPMs\n\n    The ESX Service Console Operating System (COS) samba packages are\n    updated to samba-client-3.0.33-3.29.el5_7.4,\n    samba-common-3.0.33-3.29.el5_7.4 and\n    libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security\n    issues in the Samba client. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n    assigned the names CVE-2010-0547, CVE-2010-0787, CVE-2011-1678,\n    CVE-2011-2522 and CVE-2011-2694 to these issues. \n\n    Note that ESX does not include the Samba Web Administration Tool\n    (SWAT) and therefore ESX COS is not affected by CVE-2011-2522 and\n    CVE-2011-2694. \n\n    Column 4 of the following table lists the action required to\n    remediate the vulnerability in each release, if a solution is\n    available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    vCenter        any       Windows  not affected\n\n    hosted *       any       any      not affected\n\n    ESXi           any       ESXi     not affected\n\n    ESX            4.1       ESX      ESX410-201201407-SG\n    ESX            4.0       ESX      patch pending\n    ESX            3.5       ESX      not applicable\n\n    * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n f. ESX third party update for Service Console python package\n\n    The ESX Service Console (COS) python package is updated to\n    2.4.3-44 which fixes multiple security issues. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n    assigned the names CVE-2009-3720, CVE-2010-3493, CVE-2011-1015 and\n    CVE-2011-1521 to these issues. \n\n    Column 4 of the following table lists the action required to\n    remediate the vulnerability in each release, if a solution is\n    available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    vCenter        any       Windows  not affected\n\n    hosted *       any       any      not affected\n\n    ESXi           any       ESXi     not affected\n\n    ESX            4.1       ESX      ESX410-201201405-SG\n    ESX            4.0       ESX      patch pending\n    ESX            3.5       ESX      not applicable\n\n    * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n g. ESXi update to third party component python\n\n    The python third party library is updated to python 2.5.6 which\n    fixes multiple security issues. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n    assigned the names CVE-2009-3560, CVE-2009-3720, CVE-2010-1634,\n    CVE-2010-2089, and CVE-2011-1521 to these issues. \n\n    Column 4 of the following table lists the action required to\n    remediate the vulnerability in each release, if a solution is\n    available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    vCenter        any       Windows  not affected\n\n    hosted *       any       any      not affected\n\n    ESXi           5.0       ESXi     patch pending\n    ESXi           4.1       ESXi     ESXi410-201201401-SG\n    ESXi           4.0       ESXi     patch pending\n    ESXi           3.5       ESXi     patch pending\n\n    ESX            4.1       ESX      not affected\n    ESX            4.0       ESX      not affected\n    ESX            3.5       ESX      not affected\n\n    * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n\n4. Solution\n\n   Please review the patch/release notes for your product and version\n   and verify the checksum of your downloaded file. \n\n   VMware ESXi 4.1\n   ---------------\n   ESXi410-201201401\n   http://downloads.vmware.com/go/selfsupport-download\n   md5sum: BDF86F10A973346E26C9C2CD4C424E88    \n   sha1sum: CC0B92869A9AAE4F5E0E5B81BEE109BCD7DA780F\n   http://kb.vmware.com/kb/2009143\n   ESXi410-201201401 contains ESXi410-201201401-SG\n\n   VMware ESX 4.1\n   --------------\n   ESX410-201201001\n   http://downloads.vmware.com/go/selfsupport-download\n   md5sum: 16DF9ACD3E74BCABC2494BC23AD0927F    \n   sha1sum: 1066AE1436E1A75BA3D541AB65296CFB9AB7A5CC\n   http://kb.vmware.com/kb/2009142\n\n   ESX410-201201001 contains ESX410-201201401-SG, ESX410-201201402-SG,\n   ESX410-201201404-SG, ESX410-201201405-SG, ESX410-201201406-SG and\n   ESX410-201201407-SG\n\n5. References\n\n   CVE numbers\n\n   --- COS Kernel ---\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0726\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1078\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1079\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1080\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1093\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1163\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1166\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1170\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1171\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1172\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1494\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1495\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1577\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1763\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4649\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0695\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0711\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1044\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1182\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1573\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1576\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1593\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1745\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1746\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1776\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1936\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2022\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2213\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2492\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1780\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2525\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2689\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2482\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2491\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2495\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2517\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2519\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2901\n   --- COS cURL ---\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2192\n   --- COS rpm ---\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2059\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3378\n   --- COS samba ---\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0547\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0787\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1678\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2522\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2694\n   --- COS python ---\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3493\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1015\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1521\n   --- python library ---\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1634\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1521\n\n ----------------------------------------------------------------------\n\n6. Change log\n\n   2012-01-30 VMSA-2012-0001\n   Initial security advisory in conjunction with the release of patches\n   for ESX 4.1 and ESXi 4.1 on 2012-01-30. \n\n ----------------------------------------------------------------------\n\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n  * security-announce at lists.vmware.com\n  * bugtraq at securityfocus.com\n  * full-disclosure at lists.grok.org.uk\n\nE-mail:  security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Advisories\nhttp://www.vmware.com/security/advisories\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2012 VMware Inc.  All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 9.8.3 (Build 4028)\nCharset: utf-8\n\nwj8DBQFPJ5DIDEcm8Vbi9kMRAnzCAKCmaAoDp49d61Mr1emzh/U0N8vbgACdFZk8\nf2pLxi537s+ew4dvnYNWlJ8=\n=OAh4\n-----END PGP SIGNATURE-----\n. ==========================================================================\nUbuntu Security Notice USN-1158-1\nJune 24, 2011\n\ncurl vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 11.04\n- Ubuntu 10.10\n- Ubuntu 10.04 LTS\n- Ubuntu 8.04 LTS\n\nSummary:\n\nMultiple vulnerabilities in curl. (CVE-2011-2192)\n\nWesley Miaw discovered that when zlib is enabled, libcurl does not\nproperly restrict the amount of callback data sent to an application\nthat requests automatic decompression. This might allow an attacker to\ncause a denial of service via an application crash or possibly execute\narbitrary code with the privilege of the application. This issue only\naffected Ubuntu 8.04 LTS and Ubuntu 10.04 LTS. (CVE-2010-0734)\n\nUSN 818-1 fixed an issue with curl\u0027s handling of SSL certificates with\nzero bytes in the Common Name. Due to a packaging error, the fix for\nthis issue was not being applied during the build. This issue only\naffected Ubuntu 8.04 LTS. We apologize for the error. (CVE-2009-2417)\n\nOriginal advisory details:\n\n Scott Cantor discovered that curl did not correctly handle SSL\n certificates with zero bytes in the Common Name. A remote attacker\n could exploit this to perform a man in the middle attack to view\n sensitive information or alter encrypted communications. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 11.04:\n  libcurl3                        7.21.3-1ubuntu1.2\n  libcurl3-gnutls                 7.21.3-1ubuntu1.2\n  libcurl3-nss                    7.21.3-1ubuntu1.2\n\nUbuntu 10.10:\n  libcurl3                        7.21.0-1ubuntu1.1\n  libcurl3-gnutls                 7.21.0-1ubuntu1.1\n\nUbuntu 10.04 LTS:\n  libcurl3                        7.19.7-1ubuntu1.1\n  libcurl3-gnutls                 7.19.7-1ubuntu1.1\n\nUbuntu 8.04 LTS:\n  libcurl3                        7.18.0-1ubuntu2.3\n  libcurl3-gnutls                 7.18.0-1ubuntu2.3\n\nAfter a standard system update you need to restart any applications\nthat make use of libcurl to make all the necessary changes",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-2192"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001894"
          },
          {
            "db": "BID",
            "id": "48434"
          },
          {
            "db": "VULHUB",
            "id": "VHN-50137"
          },
          {
            "db": "PACKETSTORM",
            "id": "102739"
          },
          {
            "db": "PACKETSTORM",
            "id": "102820"
          },
          {
            "db": "PACKETSTORM",
            "id": "109373"
          },
          {
            "db": "PACKETSTORM",
            "id": "111915"
          },
          {
            "db": "PACKETSTORM",
            "id": "112043"
          },
          {
            "db": "PACKETSTORM",
            "id": "103266"
          },
          {
            "db": "PACKETSTORM",
            "id": "109299"
          },
          {
            "db": "PACKETSTORM",
            "id": "102551"
          }
        ],
        "trust": 2.7
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-50137",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50137"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2011-2192",
            "trust": 3.6
          },
          {
            "db": "SECUNIA",
            "id": "45067",
            "trust": 2.5
          },
          {
            "db": "SECUNIA",
            "id": "45181",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "45088",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "45047",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "45144",
            "trust": 1.7
          },
          {
            "db": "SECUNIA",
            "id": "48256",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1025713",
            "trust": 1.7
          },
          {
            "db": "BID",
            "id": "48434",
            "trust": 1.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001894",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-322",
            "trust": 0.7
          },
          {
            "db": "PACKETSTORM",
            "id": "102820",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "102739",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "103266",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-50137",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "109373",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "111915",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "112043",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "109299",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "102551",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50137"
          },
          {
            "db": "BID",
            "id": "48434"
          },
          {
            "db": "PACKETSTORM",
            "id": "102739"
          },
          {
            "db": "PACKETSTORM",
            "id": "102820"
          },
          {
            "db": "PACKETSTORM",
            "id": "109373"
          },
          {
            "db": "PACKETSTORM",
            "id": "111915"
          },
          {
            "db": "PACKETSTORM",
            "id": "112043"
          },
          {
            "db": "PACKETSTORM",
            "id": "103266"
          },
          {
            "db": "PACKETSTORM",
            "id": "109299"
          },
          {
            "db": "PACKETSTORM",
            "id": "102551"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-322"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001894"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2192"
          }
        ]
      },
      "id": "VAR-201107-0125",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50137"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T22:42:14.315000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "curl-7.15.5-9.AXS3.3",
            "trust": 0.8,
            "url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=1457"
          },
          {
            "title": "2228",
            "trust": 0.8,
            "url": "https://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2228"
          },
          {
            "title": "RHSA-2011:0918",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2011-0918.html"
          },
          {
            "title": "adv_20110623",
            "trust": 0.8,
            "url": "http://curl.haxx.se/docs/adv_20110623.html"
          },
          {
            "title": "VMSA-2012-0001",
            "trust": 0.8,
            "url": "http://www.vmware.com/jp/support/support-resources/advisories/VMSA-2012-0001.html"
          },
          {
            "title": "cURL GSSAPI Repair measures for certificate authorization vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=119609"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-322"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001894"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-255",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50137"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001894"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2192"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.5,
            "url": "http://secunia.com/advisories/45067"
          },
          {
            "trust": 2.1,
            "url": "http://curl.haxx.se/docs/adv_20110623.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id?1025713"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/45047"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/45088"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/45144"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/45181"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/48256"
          },
          {
            "trust": 1.7,
            "url": "http://lists.apple.com/archives/security-announce/2012/feb/msg00000.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.debian.org/security/2011/dsa-2271"
          },
          {
            "trust": 1.7,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-june/061992.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-july/062287.html"
          },
          {
            "trust": 1.7,
            "url": "http://security.gentoo.org/glsa/glsa-201203-02.xml"
          },
          {
            "trust": 1.7,
            "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2011:116"
          },
          {
            "trust": 1.7,
            "url": "http://www.redhat.com/support/errata/rhsa-2011-0918.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.ubuntu.com/usn/usn-1158-1"
          },
          {
            "trust": 1.7,
            "url": "http://curl.haxx.se/curl-gssapi-delegation.patch"
          },
          {
            "trust": 1.7,
            "url": "http://support.apple.com/kb/ht5130"
          },
          {
            "trust": 1.7,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=711454"
          },
          {
            "trust": 1.0,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2192"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2192"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/48434"
          },
          {
            "trust": 0.7,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2192"
          },
          {
            "trust": 0.6,
            "url": "http://support.avaya.com/css/p8/documents/100147330"
          },
          {
            "trust": 0.3,
            "url": "http://curl.haxx.se/"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1148"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3182"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2202"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1938"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2483"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3189"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0734"
          },
          {
            "trust": 0.2,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.2,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1623"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4409"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1468"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3192"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1467"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1471"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1452"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1470"
          },
          {
            "trust": 0.2,
            "url": "http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
          },
          {
            "trust": 0.2,
            "url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
          },
          {
            "trust": 0.2,
            "url": "http://h18000.www1.hp.com/products/servers/management/agents/index.html"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4645"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0419"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1945"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2068"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1928"
          },
          {
            "trust": 0.2,
            "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c02964430"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3436"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0014"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1464"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1153"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0195"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-0037"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2791"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2192.html"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/kb/docs/doc-11259"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/key/#package"
          },
          {
            "trust": 0.1,
            "url": "http://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#moderate"
          },
          {
            "trust": 0.1,
            "url": "https://rhn.redhat.com/errata/rhsa-2011-0918.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2204"
          },
          {
            "trust": 0.1,
            "url": "http://www.php.net"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1783"
          },
          {
            "trust": 0.1,
            "url": "http://tomcat.apache.org/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2023"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3252"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1167"
          },
          {
            "trust": 0.1,
            "url": "http://support.apple.com/kb/ht1222"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3249"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0200"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1752"
          },
          {
            "trust": 0.1,
            "url": "http://trac.roundcube.net/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3256"
          },
          {
            "trust": 0.1,
            "url": "http://www.apple.com/support/downloads/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4554"
          },
          {
            "trust": 0.1,
            "url": "http://www.freetype.org/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2895"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0241"
          },
          {
            "trust": 0.1,
            "url": "http://www.squirrelmail.org/"
          },
          {
            "trust": 0.1,
            "url": "https://www.apple.com/support/security/pgp/"
          },
          {
            "trust": 0.1,
            "url": "http://httpd.apache.org/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1921"
          },
          {
            "trust": 0.1,
            "url": "http://www.libpng.org/pub/png/libpng.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3250"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2813"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1657"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4555"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3246"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2937"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3248"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1637"
          },
          {
            "trust": 0.1,
            "url": "http://subversion.tigris.org/"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/"
          },
          {
            "trust": 0.1,
            "url": "http://store.mandriva.com/product_info.php?cpath=149\u0026amp;products_id=490"
          },
          {
            "trust": 0.1,
            "url": "http://www.mandriva.com/security/advisories"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0711"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2495"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2901"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2522"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1166"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1015"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1163"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1573"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1093"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1780"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2525"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1746"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/1055"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4649"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4649"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1078"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1170"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1745"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1015"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3560"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1163"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1936"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1494"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1573"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2689"
          },
          {
            "trust": 0.1,
            "url": "http://downloads.vmware.com/go/selfsupport-download"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/support/policies/eos_vi.html"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2519"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0726"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3560"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/2009143"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1763"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1166"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1044"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2482"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3493"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1078"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1521"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0711"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1171"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2213"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/support/policies/eos.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1079"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0547"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0787"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1521"
          },
          {
            "trust": 0.1,
            "url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1577"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2491"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2059"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1172"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1172"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0726"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/security/advisories"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2089"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3720"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1678"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1182"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1080"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1080"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1634"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0695"
          },
          {
            "trust": 0.1,
            "url": "http://www.vmware.com/support/policies/security_response.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1494"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0787"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0695"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2517"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1079"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1044"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3720"
          },
          {
            "trust": 0.1,
            "url": "http://kb.vmware.com/kb/2009142"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2022"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1593"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1182"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1170"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2089"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2694"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0547"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2492"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2059"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1495"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1093"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3493"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1576"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3378"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1634"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1171"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1495"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1776"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/curl/7.19.7-1ubuntu1.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/curl/7.21.0-1ubuntu1.1"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2417"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/curl/7.18.0-1ubuntu2.3"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/curl/7.21.3-1ubuntu1.2"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50137"
          },
          {
            "db": "BID",
            "id": "48434"
          },
          {
            "db": "PACKETSTORM",
            "id": "102739"
          },
          {
            "db": "PACKETSTORM",
            "id": "102820"
          },
          {
            "db": "PACKETSTORM",
            "id": "109373"
          },
          {
            "db": "PACKETSTORM",
            "id": "111915"
          },
          {
            "db": "PACKETSTORM",
            "id": "112043"
          },
          {
            "db": "PACKETSTORM",
            "id": "103266"
          },
          {
            "db": "PACKETSTORM",
            "id": "109299"
          },
          {
            "db": "PACKETSTORM",
            "id": "102551"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-322"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001894"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2192"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-50137",
            "ident": null
          },
          {
            "db": "BID",
            "id": "48434",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "102739",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "102820",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "109373",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "111915",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "112043",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "103266",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "109299",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "102551",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-322",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001894",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2192",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2011-07-07T00:00:00",
            "db": "VULHUB",
            "id": "VHN-50137",
            "ident": null
          },
          {
            "date": "2011-06-24T00:00:00",
            "db": "BID",
            "id": "48434",
            "ident": null
          },
          {
            "date": "2011-07-02T17:00:00",
            "db": "PACKETSTORM",
            "id": "102739",
            "ident": null
          },
          {
            "date": "2011-07-05T19:56:28",
            "db": "PACKETSTORM",
            "id": "102820",
            "ident": null
          },
          {
            "date": "2012-02-03T00:24:52",
            "db": "PACKETSTORM",
            "id": "109373",
            "ident": null
          },
          {
            "date": "2012-04-17T20:34:39",
            "db": "PACKETSTORM",
            "id": "111915",
            "ident": null
          },
          {
            "date": "2012-04-20T20:15:33",
            "db": "PACKETSTORM",
            "id": "112043",
            "ident": null
          },
          {
            "date": "2011-07-22T14:38:04",
            "db": "PACKETSTORM",
            "id": "103266",
            "ident": null
          },
          {
            "date": "2012-01-30T12:12:00",
            "db": "PACKETSTORM",
            "id": "109299",
            "ident": null
          },
          {
            "date": "2011-06-24T09:13:29",
            "db": "PACKETSTORM",
            "id": "102551",
            "ident": null
          },
          {
            "date": "2011-06-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201106-322",
            "ident": null
          },
          {
            "date": "2011-07-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-001894",
            "ident": null
          },
          {
            "date": "2011-07-07T21:55:02.320000",
            "db": "NVD",
            "id": "CVE-2011-2192",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2020-05-27T00:00:00",
            "db": "VULHUB",
            "id": "VHN-50137",
            "ident": null
          },
          {
            "date": "2015-04-13T20:55:00",
            "db": "BID",
            "id": "48434",
            "ident": null
          },
          {
            "date": "2021-06-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201106-322",
            "ident": null
          },
          {
            "date": "2012-12-26T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-001894",
            "ident": null
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2011-2192",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "103266"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-322"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "_id": null,
        "data": "libcurl of  Curl_input_negotiate Function spoofing client vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-001894"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "trust management problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201106-322"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201108-0185

    Vulnerability from variot - Updated: 2026-04-10 22:40

    Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2138. Adobe Flash Player and Adobe AIR Contains an integer overflow vulnerability. This vulnerability CVE-2011-2136 and CVE-2011-2138 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


                        SUSE Security Announcement
    
        Package:                flash-player
        Announcement ID:        SUSE-SA:2011:033
        Date:                   Wed, 10 Aug 2011 14:00:00 +0000
        Affected Products:      SUSE Linux Enterprise Desktop 11 SP1
                                SUSE Linux Enterprise Desktop 10 SP4
        Vulnerability Type:     remote code execution
        CVSS v2 Base Score:     6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
        SUSE Default Package:   yes
        Cross-References:       CVE-2011-2130, CVE-2011-2134, CVE-2011-2135
                                CVE-2011-2136, CVE-2011-2137, CVE-2011-2138
                                CVE-2011-2139, CVE-2011-2140, CVE-2011-2414
                                CVE-2011-2415, CVE-2011-2416, CVE-2011-2417
                                CVE-2011-2425
    
    Content of This Advisory:
        1) Security Vulnerability Resolved:
             remote code execution
           Problem Description
        2) Solution or Work-Around
        3) Special Instructions and Notes
        4) Package Location and Checksums
        5) Pending Vulnerabilities, Solutions, and Work-Arounds:
            none
        6) Authenticity Verification and Additional Information
    

    1) Problem Description and Brief Discussion

    Flash-Player was updated to version 10.3.188.5 to fix various buffer and integer overflows: - CVE-2011-2130: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2134: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2135: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2136: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2137: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2138: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2139: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2140: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2414: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2415: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2416: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2417: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2425: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

    Earlier flash-player versions can be exploited to execute arbitrary code remotely with the privileges of the attacked user.

    For more details see: http://www.adobe.com/support/security/bulletins/apsb11-21.html

    2) Solution or Work-Around

    none

    3) Special Instructions and Notes

    Pleease restart your browser.

    4) Package Location and Checksums

    The preferred method for installing security updates is to use the YaST "Online Update" module or the "zypper" commandline tool. The package and patch management stack will detect which updates are required and automatically perform the necessary steps to verify and install them.

    Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command

     rpm -Fhv <file.rpm>
    

    to apply the update, replacing with the filename of the downloaded RPM package.

    Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web:

    SUSE Linux Enterprise Desktop 10 SP4 http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900

    SUSE Linux Enterprise Desktop 11 SP1 http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10


    5) Pending Vulnerabilities, Solutions, and Work-Arounds:

    none


    6) Authenticity Verification and Additional Information

    • Announcement authenticity verification:

      SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature.

      To verify the signature of the announcement, save it as text into a file and run the command

      gpg --verify

      replacing with the name of the file where you saved the announcement. The output for a valid signature looks like:

      gpg: Signature made using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team security@suse.de"

      where is replaced by the date the document was signed.

      If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command

      gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc

    • Package authenticity verification:

      SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with.

      The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command

      rpm -v --checksig

      to verify the signature of the package, replacing with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build@suse.de with the key ID 9C800ACA.

      This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement.

    • SUSE runs two security mailing lists to which any interested party may subscribe:

      opensuse-security@opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security+subscribe@opensuse.org.

      opensuse-security-announce@opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to opensuse-security-announce+subscribe@opensuse.org. The security@suse.de public key is listed below. =====================================================================


      The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text.

      SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . ----------------------------------------------------------------------

    The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242


    TITLE: Adobe Flash Player Multiple Vulnerabilities

    SECUNIA ADVISORY ID: SA45583

    VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45583/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45583

    RELEASE DATE: 2011-08-11

    DISCUSS ADVISORY: http://secunia.com/advisories/45583/#comments

    AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

    http://secunia.com/advisories/45583/

    ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

    https://ca.secunia.com/?page=viewadvisory&vuln_id=45583

    ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

    http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

    DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to disclose sensitive information and compromise a user's system.

    7) An unspecified error can be exploited to disclose certain information from another domain.

    Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    PROVIDED AND/OR DISCOVERED BY: 1) Reported by the vendor

    The vendor credits: 2) Yang Dingning, NCNIPC, Graduate University of Chinese Academy of Sciences 3) Wushi, Team 509 via iDefense Labs 4, 11) Vitaliy Toropov via iDefense Labs 5) Alexander Zaitsev, Positive Technologies 6, 8) An anonymous person via ZDI 7) Brandon Hardy 9) Bo Qu, Palo Alto Networks 10) Bo Qu, Palo Alto Networks and Honggang Ren, FortiGuard Labs 12) Marc Schoenefeld (Dr. rer. nat.), Red Hat Security Response Team 13) Honggang Ren, FortiGuard Labs

    ORIGINAL ADVISORY: Adobe (APSB11-21): http://www.adobe.com/support/security/bulletins/apsb11-21.html

    OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

    EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


    About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/advisories/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. iDefense Security Advisory 08.09.11 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 09, 2011

    I. BACKGROUND

    Adobe Flash Player is an application for viewing animations and movies using computer programs such as a Web browser; in common usage, Flash lets you put animation and movies on a website. Flash Player runs SWF files that can be created by the Adobe Flash authoring tool, by Adobe Flex, or by a number of other Macromedia and third-party tools. For more information, please visit following website:

    http://www.adobe.com/products/flashplayer/

    II.

    During the allocation of an array within a certain internal ActionScript function, a size calculation may cause an integer value to overflow. This condition may lead to the bounds of an undersized array being overflown during a memory copy operation.

    III. An attacker typically accomplishes this via social engineering or injecting content into a compromised, trusted site.

    IV. WORKAROUND

    Disable Flash Player plugin by restricting access to Flash Player files, which is usually under C:\WINDOWS\system32\Macromed\Flash\

    VI. VENDOR RESPONSE

    Adobe has released a fix which addresses this issue. Information about downloadable vendor updates can be found by clicking on the URLs shown.

    http://www.adobe.com/support/security/bulletins/apsb11-21.html

    VII. CVE INFORMATION

    The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2011-2416 and CVE-2011-2136 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org/), which standardizes names for security problems.

    VIII. DISCLOSURE TIMELINE

    04/27/2011 Initial Vendor Notification 04/27/2011 Vendor Reply 08/09/2011 Coordinated Public Disclosure

    IX. CREDIT

    This vulnerability was reported to iDefense by Vitaliy Toropov.

    Get paid for vulnerability research http://labs.idefense.com/methodology/vulnerability/vcp.php

    Free tools, research and upcoming events http://labs.idefense.com/

    X. LEGAL NOTICES

    Copyright © 2011 Verisign

    Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDefense. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please e-mail customerservice@idefense.com for permission.

    Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Adobe Flash Player users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-10.3.183.10"

    References

    [ 1 ] APSA11-01 http://www.adobe.com/support/security/advisories/apsa11-01.html [ 2 ] APSA11-02 http://www.adobe.com/support/security/advisories/apsa11-02.html [ 3 ] APSB11-02 http://www.adobe.com/support/security/bulletins/apsb11-02.html [ 4 ] APSB11-12 http://www.adobe.com/support/security/bulletins/apsb11-12.html [ 5 ] APSB11-13 http://www.adobe.com/support/security/bulletins/apsb11-13.html [ 6 ] APSB11-21 https://www.adobe.com/support/security/bulletins/apsb11-21.html [ 7 ] APSB11-26 https://www.adobe.com/support/security/bulletins/apsb11-26.html [ 8 ] CVE-2011-0558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558 [ 9 ] CVE-2011-0559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559 [ 10 ] CVE-2011-0560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560 [ 11 ] CVE-2011-0561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561 [ 12 ] CVE-2011-0571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571 [ 13 ] CVE-2011-0572 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572 [ 14 ] CVE-2011-0573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573 [ 15 ] CVE-2011-0574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574 [ 16 ] CVE-2011-0575 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575 [ 17 ] CVE-2011-0577 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577 [ 18 ] CVE-2011-0578 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578 [ 19 ] CVE-2011-0579 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579 [ 20 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 21 ] CVE-2011-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607 [ 22 ] CVE-2011-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608 [ 23 ] CVE-2011-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609 [ 24 ] CVE-2011-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611 [ 25 ] CVE-2011-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618 [ 26 ] CVE-2011-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619 [ 27 ] CVE-2011-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620 [ 28 ] CVE-2011-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621 [ 29 ] CVE-2011-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622 [ 30 ] CVE-2011-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623 [ 31 ] CVE-2011-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624 [ 32 ] CVE-2011-0625 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625 [ 33 ] CVE-2011-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626 [ 34 ] CVE-2011-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627 [ 35 ] CVE-2011-0628 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628 [ 36 ] CVE-2011-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107 [ 37 ] CVE-2011-2110 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110 [ 38 ] CVE-2011-2125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 39 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 40 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 41 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 42 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 43 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 44 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 45 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 46 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 47 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 48 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 49 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 50 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 51 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 52 ] CVE-2011-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426 [ 53 ] CVE-2011-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427 [ 54 ] CVE-2011-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428 [ 55 ] CVE-2011-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429 [ 56 ] CVE-2011-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430 [ 57 ] CVE-2011-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    http://security.gentoo.org/glsa/glsa-201110-11.xml

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Critical: acroread security update Advisory ID: RHSA-2011:1434-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1434.html Issue date: 2011-11-08 CVE Names: CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2424 CVE-2011-2425 CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2429 CVE-2011-2430 CVE-2011-2431 CVE-2011-2432 CVE-2011-2433 CVE-2011-2434 CVE-2011-2435 CVE-2011-2436 CVE-2011-2437 CVE-2011-2438 CVE-2011-2439 CVE-2011-2440 CVE-2011-2442 CVE-2011-2444 =====================================================================

    1. Summary:

    Updated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6 Supplementary.

    The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

    1. Relevant releases/architectures:

    Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

    1. Description:

    Adobe Reader allows users to view and print documents in Portable Document Format (PDF).

    This update fixes multiple security flaws in Adobe Reader. These flaws are detailed on the Adobe security page APSB11-24, listed in the References section. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. These flaws are detailed on the Adobe security pages APSB11-21 and APSB11-26, listed in the References section.

    A PDF file with an embedded, specially-crafted SWF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135, CVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140, CVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424, CVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)

    A flaw in Adobe Flash Player could allow an attacker to conduct cross-site scripting (XSS) attacks if a victim were tricked into visiting a specially-crafted web page. (CVE-2011-2429)

    All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.4.6, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.

    1. Solution:

    Before applying this update, make sure all previously-released errata relevant to your system have been applied.

    This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259

    1. Bugs fixed (http://bugzilla.redhat.com/):

    729497 - CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21) 740201 - CVE-2011-2444 acroread, flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26 740204 - CVE-2011-2429 acroread, flash-plugin: security control bypass information disclosure fixed in APSB11-26 740388 - CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26 749381 - acroread: multiple code execution flaws (APSB11-24)

    1. Package List:

    Red Hat Enterprise Linux AS version 4 Extras:

    i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm

    x86_64: acroread-9.4.6-1.el4.i386.rpm

    Red Hat Desktop version 4 Extras:

    i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm

    x86_64: acroread-9.4.6-1.el4.i386.rpm

    Red Hat Enterprise Linux ES version 4 Extras:

    i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm

    x86_64: acroread-9.4.6-1.el4.i386.rpm

    Red Hat Enterprise Linux WS version 4 Extras:

    i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm

    x86_64: acroread-9.4.6-1.el4.i386.rpm

    Red Hat Enterprise Linux Desktop Supplementary (v. 5):

    i386: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm

    x86_64: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm

    Red Hat Enterprise Linux Server Supplementary (v. 5):

    i386: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm

    x86_64: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm

    Red Hat Enterprise Linux Desktop Supplementary (v. 6):

    i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm

    x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm

    Red Hat Enterprise Linux Server Supplementary (v. 6):

    i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm

    x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm

    Red Hat Enterprise Linux Workstation Supplementary (v. 6):

    i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm

    x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

    1. References:

    https://www.redhat.com/security/data/cve/CVE-2011-2130.html https://www.redhat.com/security/data/cve/CVE-2011-2134.html https://www.redhat.com/security/data/cve/CVE-2011-2135.html https://www.redhat.com/security/data/cve/CVE-2011-2136.html https://www.redhat.com/security/data/cve/CVE-2011-2137.html https://www.redhat.com/security/data/cve/CVE-2011-2138.html https://www.redhat.com/security/data/cve/CVE-2011-2139.html https://www.redhat.com/security/data/cve/CVE-2011-2140.html https://www.redhat.com/security/data/cve/CVE-2011-2414.html https://www.redhat.com/security/data/cve/CVE-2011-2415.html https://www.redhat.com/security/data/cve/CVE-2011-2416.html https://www.redhat.com/security/data/cve/CVE-2011-2417.html https://www.redhat.com/security/data/cve/CVE-2011-2424.html https://www.redhat.com/security/data/cve/CVE-2011-2425.html https://www.redhat.com/security/data/cve/CVE-2011-2426.html https://www.redhat.com/security/data/cve/CVE-2011-2427.html https://www.redhat.com/security/data/cve/CVE-2011-2428.html https://www.redhat.com/security/data/cve/CVE-2011-2429.html https://www.redhat.com/security/data/cve/CVE-2011-2430.html https://www.redhat.com/security/data/cve/CVE-2011-2431.html https://www.redhat.com/security/data/cve/CVE-2011-2432.html https://www.redhat.com/security/data/cve/CVE-2011-2433.html https://www.redhat.com/security/data/cve/CVE-2011-2434.html https://www.redhat.com/security/data/cve/CVE-2011-2435.html https://www.redhat.com/security/data/cve/CVE-2011-2436.html https://www.redhat.com/security/data/cve/CVE-2011-2437.html https://www.redhat.com/security/data/cve/CVE-2011-2438.html https://www.redhat.com/security/data/cve/CVE-2011-2439.html https://www.redhat.com/security/data/cve/CVE-2011-2440.html https://www.redhat.com/security/data/cve/CVE-2011-2442.html https://www.redhat.com/security/data/cve/CVE-2011-2444.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb11-21.html http://www.adobe.com/support/security/bulletins/apsb11-24.html http://www.adobe.com/support/security/bulletins/apsb11-26.html

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)

    iD8DBQFOuRkFXlSAg2UNWIIRAqaIAJoC3LKpTEj6IsfoUq9JqGuHAKt3bACfcz3q 0+KSTL2IByBwtP8+xfPmUNE= =qFq6 -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "adobe",
            "version": "10.2.154.25"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "adobe",
            "version": "10.2.154.13"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "adobe",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "adobe",
            "version": "10.3.181.14"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "adobe",
            "version": "10.3.181.16"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "adobe",
            "version": "10.3.181.23"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "adobe",
            "version": "10.3.181.34"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.9,
            "vendor": "adobe",
            "version": "10.2.159.1"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.7,
            "vendor": "adobe",
            "version": "2.7"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.246.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "8.0.35.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.115.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.95.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.156.12"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.95.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.155.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.152.33"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.262.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.157.51"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.92.8"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.52.15"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.152.32"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.28.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.260.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.52.14.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.0.32.18"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.277.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.0.12.36"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.283.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.3.185.21"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.53.64"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.2.152"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.124.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.3.185.23"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.152.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.0.22.87"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.85.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.82.76"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.159.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.151.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.0.15.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.31.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.105.6"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.47.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.45.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "8.0.34.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.0.42.34"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "9.0.48.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.92.10"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.106.16"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "adobe",
            "version": "10.1.102.64"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.0.45.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.3.185.25"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.73.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.79"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.63"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.69.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0.33.0"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "2.0.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.70.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.18d60"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "1.5.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.112.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.0.0.584"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.28"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.19.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.20"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "1.5.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.60.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.20.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.0.12.10"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.14.0"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "2.7"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.31"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0.24.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.66.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.125.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0.22.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.1"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.53.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.25"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.61.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.67.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "10.3.181.36"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "6.0.21.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.24.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.114.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.125.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0.39.0"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "9.0.16"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "2.0.4"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "7.0.68.0"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "1.1"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "adobe",
            "version": "8.0.42.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "10.3.181.34"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "10.3.181.36   for chrome users"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "adobe",
            "version": "10.3.185.25   for android"
          },
          {
            "_id": null,
            "model": "hp systems insight manager",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "enterprise linux server supplementary",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6"
          },
          {
            "_id": null,
            "model": "enterprise linux server supplementary eus",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6.1.z"
          },
          {
            "_id": null,
            "model": "enterprise linux workstation supplementary",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6"
          },
          {
            "_id": null,
            "model": "rhel desktop supplementary",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (client)"
          },
          {
            "_id": null,
            "model": "rhel desktop supplementary",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6"
          },
          {
            "_id": null,
            "model": "rhel supplementary",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5 (server)"
          },
          {
            "_id": null,
            "model": "rhel supplementary eus",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5.6.z (server)"
          },
          {
            "_id": null,
            "model": "rhel supplementary long life",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5.6 (server)"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "adobe",
            "version": "10.3.181.36"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9.0.597.94"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.57"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.0.12.35"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "12.0.742.100"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.2.152.21"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "2.6.19140"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.0.280"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.3.186.3"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.43"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "systems insight manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.3.185.22"
          },
          {
            "_id": null,
            "model": "systems insight manager sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.1.51.66"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "13"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.2.154.27"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.2.153.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10.0.648.204"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.0.2460"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10.0.648.128"
          },
          {
            "_id": null,
            "model": "desktop extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "8"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.3.181.22"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0.0.96"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.3.181.26"
          },
          {
            "_id": null,
            "model": "hat enterprise linux supplementary server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "enterprise linux extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10.0.648.127"
          },
          {
            "_id": null,
            "model": "solaris express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "11"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.0.262"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.65"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.2.154.24"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "systems insight manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "systems insight manager sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11.4"
          },
          {
            "_id": null,
            "model": "systems insight manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9.0.597.107"
          },
          {
            "_id": null,
            "model": "systems insight manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.2.154.18"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "12.0.742.112"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.71"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "freeflow print server 73.b3.61",
            "scope": null,
            "trust": 0.3,
            "vendor": "xerox",
            "version": null
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.0.3218"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9.0.289.0"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "enterprise linux es extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "12.0.742.91"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.3.185.25"
          },
          {
            "_id": null,
            "model": "solaris 10 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "9.0.597.84"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "_id": null,
            "model": "interactive response",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "google",
            "version": "13.0.782.112"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "13.0.782.107"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.77"
          },
          {
            "_id": null,
            "model": "hat enterprise linux server supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.0.452"
          },
          {
            "_id": null,
            "model": "systems insight manager sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.3.183.5"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.696.68"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11.0.672.2"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "2.7.1"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "9"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "12"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10"
          },
          {
            "_id": null,
            "model": "solaris 10 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "11"
          },
          {
            "_id": null,
            "model": "hat enterprise linux desktop supplementary client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5"
          },
          {
            "_id": null,
            "model": "systems insight manager sp5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "enterprise linux ws extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10.0.648.133"
          },
          {
            "_id": null,
            "model": "systems insight manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "2.7.1.1961"
          },
          {
            "_id": null,
            "model": "systems insight manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "enterprise linux as extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "flash player release candida",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "chrome",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "google",
            "version": "10.0.648.205"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.2.154.28"
          },
          {
            "_id": null,
            "model": "systems insight manager update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "5.31"
          },
          {
            "_id": null,
            "model": "air",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "2.6.19120"
          },
          {
            "_id": null,
            "model": "freeflow print server 73.c0.41",
            "scope": null,
            "trust": 0.3,
            "vendor": "xerox",
            "version": null
          },
          {
            "_id": null,
            "model": "hat enterprise linux workstation supplementary",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "6"
          },
          {
            "_id": null,
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11.3"
          },
          {
            "_id": null,
            "model": "flash player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "adobe",
            "version": "10.1.102.65"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "49081"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-187"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002158"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2416"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:adobe:adobe_air",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:adobe:flash_player",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:hp:systems_insight_manager",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_server_supplementary_eus",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_workstation_supplementary",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_desktop_supplementary",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_supplementary",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_supplementary_eus",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:redhat:rhel_supplementary_long_life",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002158"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Wushi of Team 509 through iDefense Labs",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-187"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2011-2416",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2011-2416",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "VHN-50361",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2011-2416",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2011-2416",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201108-187",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULHUB",
                "id": "VHN-50361",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50361"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-187"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002158"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2416"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2138. Adobe Flash Player and Adobe AIR Contains an integer overflow vulnerability. This vulnerability CVE-2011-2136 and CVE-2011-2138 Is a different vulnerability.An attacker could execute arbitrary code. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n______________________________________________________________________________\n\n                        SUSE Security Announcement\n\n        Package:                flash-player\n        Announcement ID:        SUSE-SA:2011:033\n        Date:                   Wed, 10 Aug 2011 14:00:00 +0000\n        Affected Products:      SUSE Linux Enterprise Desktop 11 SP1\n                                SUSE Linux Enterprise Desktop 10 SP4\n        Vulnerability Type:     remote code execution\n        CVSS v2 Base Score:     6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n        SUSE Default Package:   yes\n        Cross-References:       CVE-2011-2130, CVE-2011-2134, CVE-2011-2135\n                                CVE-2011-2136, CVE-2011-2137, CVE-2011-2138\n                                CVE-2011-2139, CVE-2011-2140, CVE-2011-2414\n                                CVE-2011-2415, CVE-2011-2416, CVE-2011-2417\n                                CVE-2011-2425\n\n    Content of This Advisory:\n        1) Security Vulnerability Resolved:\n             remote code execution\n           Problem Description\n        2) Solution or Work-Around\n        3) Special Instructions and Notes\n        4) Package Location and Checksums\n        5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n            none\n        6) Authenticity Verification and Additional Information\n\n______________________________________________________________________________\n\n1) Problem Description and Brief Discussion\n\n   Flash-Player was updated to version 10.3.188.5 to fix various buffer\n   and integer overflows:\n   - CVE-2011-2130: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2134: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2135: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2136: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2137: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2138: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2139: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2140: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2414: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2415: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2416: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2417: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   - CVE-2011-2425: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n   \n   Earlier flash-player versions can be exploited to execute arbitrary code\n   remotely with the privileges of the attacked user. \n   \n   For more details see:\n   http://www.adobe.com/support/security/bulletins/apsb11-21.html\n\n2) Solution or Work-Around\n\n   none\n\n3) Special Instructions and Notes\n\n   Pleease restart your browser. \n\n4) Package Location and Checksums\n\n   The preferred method for installing security updates is to use the YaST\n   \"Online Update\" module or the \"zypper\" commandline tool. The package and\n   patch management stack will detect which updates are required and\n   automatically perform the necessary steps to verify and install them. \n\n   Alternatively, download the update packages for your distribution manually\n   and verify their integrity by the methods listed in Section 6 of this\n   announcement. Then install the packages using the command\n\n     rpm -Fhv \u003cfile.rpm\u003e\n\n   to apply the update, replacing \u003cfile.rpm\u003e with the filename of the\n   downloaded RPM package. \n\n   Our maintenance customers are notified individually. The packages are\n   offered for installation from the maintenance web:\n   \n   SUSE Linux Enterprise Desktop 10 SP4\n     http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900\n   \n   SUSE Linux Enterprise Desktop 11 SP1\n     http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10\n\n______________________________________________________________________________\n\n5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n\n   none\n______________________________________________________________________________\n\n6) Authenticity Verification and Additional Information\n\n  - Announcement authenticity verification:\n\n    SUSE security announcements are published via mailing lists and on Web\n    sites. The authenticity and integrity of a SUSE security announcement is\n    guaranteed by a cryptographic signature in each announcement. All SUSE\n    security announcements are published with a valid signature. \n\n    To verify the signature of the announcement, save it as text into a file\n    and run the command\n\n      gpg --verify \u003cfile\u003e\n\n    replacing \u003cfile\u003e with the name of the file where you saved the\n    announcement. The output for a valid signature looks like:\n\n      gpg: Signature made \u003cDATE\u003e using RSA key ID 3D25D3D9\n      gpg: Good signature from \"SuSE Security Team \u003csecurity@suse.de\u003e\"\n\n    where \u003cDATE\u003e is replaced by the date the document was signed. \n\n    If the security team\u0027s key is not contained in your key ring, you can\n    import it from the first installation CD. To import the key, use the\n    command\n\n      gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc\n\n  - Package authenticity verification:\n\n    SUSE update packages are available on many mirror FTP servers all over the\n    world. While this service is considered valuable and important to the free\n    and open source software community, the authenticity and the integrity of\n    a package needs to be verified to ensure that it has not been tampered\n    with. \n\n    The internal rpm package signatures provide an easy way to verify the\n    authenticity of an RPM package. Use the command\n\n     rpm -v --checksig \u003cfile.rpm\u003e\n\n    to verify the signature of the package, replacing \u003cfile.rpm\u003e with the\n    filename of the RPM package downloaded. The package is unmodified if it\n    contains a valid signature from build@suse.de with the key ID 9C800ACA. \n\n    This key is automatically imported into the RPM database (on\n    RPMv4-based distributions) and the gpg key ring of \u0027root\u0027 during\n    installation. You can also find it on the first installation CD and at\n    the end of this announcement. \n\n  - SUSE runs two security mailing lists to which any interested party may\n    subscribe:\n\n    opensuse-security@opensuse.org\n        -   General Linux and SUSE security discussion. \n            All SUSE security announcements are sent to this list. \n            To subscribe, send an e-mail to\n                \u003copensuse-security+subscribe@opensuse.org\u003e. \n\n    opensuse-security-announce@opensuse.org\n        -   SUSE\u0027s announce-only mailing list. \n            Only SUSE\u0027s security announcements are sent to this list. \n            To subscribe, send an e-mail to\n                \u003copensuse-security-announce+subscribe@opensuse.org\u003e. \n    The \u003csecurity@suse.de\u003e public key is listed below. \n    =====================================================================\n______________________________________________________________________________\n\n    The information in this advisory may be distributed or reproduced,\n    provided that the advisory is not modified in any way. In particular, the\n    clear text signature should show proof of the authenticity of the text. \n\n    SUSE Linux Products GmbH provides no warranties of any kind whatsoever\n    with respect to the information contained in this security advisory. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n. ----------------------------------------------------------------------\n\nThe Secunia CSI 5.0 Beta - now available for testing\nFind out more, take a free test drive, and share your opinion with us: \nhttp://secunia.com/blog/242 \n\n----------------------------------------------------------------------\n\nTITLE:\nAdobe Flash Player Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA45583\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/45583/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45583\n\nRELEASE DATE:\n2011-08-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/45583/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/45583/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45583\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Adobe Flash Player,\nwhich can be exploited by malicious people to disclose sensitive\ninformation and compromise a user\u0027s system. \n\n7) An unspecified error can be exploited to disclose certain\ninformation from another domain. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Reported by the vendor\n\nThe vendor credits:\n2) Yang Dingning, NCNIPC, Graduate University of Chinese Academy of\nSciences\n3) Wushi, Team 509 via iDefense Labs\n4, 11) Vitaliy Toropov via iDefense Labs\n5) Alexander Zaitsev, Positive Technologies\n6, 8) An anonymous person via ZDI\n7) Brandon Hardy\n9) Bo Qu, Palo Alto Networks\n10) Bo Qu, Palo Alto Networks and Honggang Ren, FortiGuard Labs\n12) Marc Schoenefeld (Dr. rer. nat.), Red Hat Security Response Team\n13) Honggang Ren, FortiGuard Labs\n\nORIGINAL ADVISORY:\nAdobe (APSB11-21):\nhttp://www.adobe.com/support/security/bulletins/apsb11-21.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. iDefense Security Advisory 08.09.11\nhttp://labs.idefense.com/intelligence/vulnerabilities/\nAug 09, 2011\n\nI. BACKGROUND\n\nAdobe Flash Player is an application for viewing animations and movies\nusing computer programs such as a Web browser; in common usage, Flash\nlets you put animation and movies on a website. Flash Player runs SWF\nfiles that can be created by the Adobe Flash authoring tool, by Adobe\nFlex, or by a number of other Macromedia and third-party tools. For more\ninformation, please visit following website:\n\nhttp://www.adobe.com/products/flashplayer/\n\nII. \n\nDuring the allocation of an array within a certain internal ActionScript\nfunction, a size calculation may cause an integer value to overflow. \nThis condition may lead to the bounds of an undersized array being\noverflown during a memory copy operation. \n\nIII. An attacker typically accomplishes this via\nsocial engineering or injecting content into a compromised, trusted\nsite. \n\nIV. WORKAROUND\n\nDisable Flash Player plugin by restricting access to Flash Player files,\nwhich is usually under C:\\WINDOWS\\system32\\Macromed\\Flash\\\n\nVI. VENDOR RESPONSE\n\nAdobe has released a fix which addresses this issue. Information about\ndownloadable vendor updates can be found by clicking on the URLs shown. \n\nhttp://www.adobe.com/support/security/bulletins/apsb11-21.html\n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nname CVE-2011-2416 and CVE-2011-2136 to this issue. This is a candidate\nfor inclusion in\nthe CVE list (http://cve.mitre.org/), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n04/27/2011  Initial Vendor Notification\n04/27/2011  Vendor Reply\n08/09/2011  Coordinated Public Disclosure\n\nIX. CREDIT\n\nThis vulnerability was reported to iDefense by Vitaliy Toropov. \n\nGet paid for vulnerability research\nhttp://labs.idefense.com/methodology/vulnerability/vcp.php\n\nFree tools, research and upcoming events\nhttp://labs.idefense.com/\n\nX. LEGAL NOTICES\n\nCopyright \u00a9 2011 Verisign\n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDefense. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically, please\ne-mail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \n There are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct, indirect,\nor consequential loss or damage arising from use of, or reliance on,\nthis information. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Adobe Flash Player users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot -v \"\u003e=www-plugins/adobe-flash-10.3.183.10\"\n\nReferences\n==========\n\n[  1 ] APSA11-01\n       http://www.adobe.com/support/security/advisories/apsa11-01.html\n[  2 ] APSA11-02\n       http://www.adobe.com/support/security/advisories/apsa11-02.html\n[  3 ] APSB11-02\n       http://www.adobe.com/support/security/bulletins/apsb11-02.html\n[  4 ] APSB11-12\n       http://www.adobe.com/support/security/bulletins/apsb11-12.html\n[  5 ] APSB11-13\n       http://www.adobe.com/support/security/bulletins/apsb11-13.html\n[  6 ] APSB11-21\n       https://www.adobe.com/support/security/bulletins/apsb11-21.html\n[  7 ] APSB11-26\n       https://www.adobe.com/support/security/bulletins/apsb11-26.html\n[  8 ] CVE-2011-0558\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558\n[  9 ] CVE-2011-0559\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559\n[ 10 ] CVE-2011-0560\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560\n[ 11 ] CVE-2011-0561\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561\n[ 12 ] CVE-2011-0571\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571\n[ 13 ] CVE-2011-0572\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572\n[ 14 ] CVE-2011-0573\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573\n[ 15 ] CVE-2011-0574\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574\n[ 16 ] CVE-2011-0575\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575\n[ 17 ] CVE-2011-0577\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577\n[ 18 ] CVE-2011-0578\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578\n[ 19 ] CVE-2011-0579\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579\n[ 20 ] CVE-2011-0589\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589\n[ 21 ] CVE-2011-0607\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607\n[ 22 ] CVE-2011-0608\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608\n[ 23 ] CVE-2011-0609\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609\n[ 24 ] CVE-2011-0611\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611\n[ 25 ] CVE-2011-0618\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618\n[ 26 ] CVE-2011-0619\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619\n[ 27 ] CVE-2011-0620\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620\n[ 28 ] CVE-2011-0621\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621\n[ 29 ] CVE-2011-0622\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622\n[ 30 ] CVE-2011-0623\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623\n[ 31 ] CVE-2011-0624\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624\n[ 32 ] CVE-2011-0625\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625\n[ 33 ] CVE-2011-0626\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626\n[ 34 ] CVE-2011-0627\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627\n[ 35 ] CVE-2011-0628\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628\n[ 36 ] CVE-2011-2107\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107\n[ 37 ] CVE-2011-2110\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110\n[ 38 ] CVE-2011-2125\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135\n[ 39 ] CVE-2011-2130\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130\n[ 40 ] CVE-2011-2134\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134\n[ 41 ] CVE-2011-2136\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136\n[ 42 ] CVE-2011-2137\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137\n[ 43 ] CVE-2011-2138\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138\n[ 44 ] CVE-2011-2139\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139\n[ 45 ] CVE-2011-2140\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140\n[ 46 ] CVE-2011-2414\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414\n[ 47 ] CVE-2011-2415\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415\n[ 48 ] CVE-2011-2416\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416\n[ 49 ] CVE-2011-2417\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417\n[ 50 ] CVE-2011-2424\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424\n[ 51 ] CVE-2011-2425\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425\n[ 52 ] CVE-2011-2426\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426\n[ 53 ] CVE-2011-2427\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427\n[ 54 ] CVE-2011-2428\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428\n[ 55 ] CVE-2011-2429\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429\n[ 56 ] CVE-2011-2430\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430\n[ 57 ] CVE-2011-2444\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201110-11.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2011 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Critical: acroread security update\nAdvisory ID:       RHSA-2011:1434-01\nProduct:           Red Hat Enterprise Linux Extras\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2011-1434.html\nIssue date:        2011-11-08\nCVE Names:         CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 \n                   CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 \n                   CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 \n                   CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 \n                   CVE-2011-2424 CVE-2011-2425 CVE-2011-2426 \n                   CVE-2011-2427 CVE-2011-2428 CVE-2011-2429 \n                   CVE-2011-2430 CVE-2011-2431 CVE-2011-2432 \n                   CVE-2011-2433 CVE-2011-2434 CVE-2011-2435 \n                   CVE-2011-2436 CVE-2011-2437 CVE-2011-2438 \n                   CVE-2011-2439 CVE-2011-2440 CVE-2011-2442 \n                   CVE-2011-2444 \n=====================================================================\n\n1. Summary:\n\nUpdated acroread packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise\nLinux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Desktop version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux AS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux ES version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux WS version 4 Extras - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. Description:\n\nAdobe Reader allows users to view and print documents in Portable Document\nFormat (PDF). \n\nThis update fixes multiple security flaws in Adobe Reader. These flaws are\ndetailed on the Adobe security page APSB11-24, listed in the References\nsection. A specially-crafted PDF file could cause Adobe Reader to crash or,\npotentially, execute arbitrary code as the user running Adobe Reader when\nopened. These flaws are detailed on the Adobe security\npages APSB11-21 and APSB11-26, listed in the References section. \n\nA PDF file with an embedded, specially-crafted SWF file could cause Adobe\nReader to crash or, potentially, execute arbitrary code as the user running\nAdobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135,\nCVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140,\nCVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424,\nCVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)\n\nA flaw in Adobe Flash Player could allow an attacker to conduct cross-site\nscripting (XSS) attacks if a victim were tricked into visiting a\nspecially-crafted web page. (CVE-2011-2429)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 9.4.6, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n729497 - CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)\n740201 - CVE-2011-2444 acroread, flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26\n740204 - CVE-2011-2429 acroread, flash-plugin: security control bypass information disclosure fixed in APSB11-26\n740388 - CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26\n749381 - acroread: multiple code execution flaws (APSB11-24)\n\n6. Package List:\n\nRed Hat Enterprise Linux AS version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Desktop version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux ES version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux WS version 4 Extras:\n\ni386:\nacroread-9.4.6-1.el4.i386.rpm\nacroread-plugin-9.4.6-1.el4.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el4.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nx86_64:\nacroread-9.4.6-1.el5.i386.rpm\nacroread-plugin-9.4.6-1.el5.i386.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nx86_64:\nacroread-9.4.6-1.el6.i686.rpm\nacroread-plugin-9.4.6-1.el6.i686.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-2130.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2134.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2135.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2136.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2137.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2138.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2139.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2140.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2414.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2415.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2416.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2417.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2424.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2425.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2426.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2427.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2428.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2429.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2430.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2431.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2432.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2433.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2434.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2435.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2436.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2437.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2438.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2439.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2440.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2442.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2444.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.adobe.com/support/security/bulletins/apsb11-21.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-24.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-26.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e.  More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2011 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFOuRkFXlSAg2UNWIIRAqaIAJoC3LKpTEj6IsfoUq9JqGuHAKt3bACfcz3q\n0+KSTL2IByBwtP8+xfPmUNE=\n=qFq6\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-2416"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002158"
          },
          {
            "db": "BID",
            "id": "49081"
          },
          {
            "db": "VULHUB",
            "id": "VHN-50361"
          },
          {
            "db": "PACKETSTORM",
            "id": "103946"
          },
          {
            "db": "PACKETSTORM",
            "id": "103903"
          },
          {
            "db": "PACKETSTORM",
            "id": "103918"
          },
          {
            "db": "PACKETSTORM",
            "id": "105802"
          },
          {
            "db": "PACKETSTORM",
            "id": "109194"
          },
          {
            "db": "PACKETSTORM",
            "id": "106736"
          }
        ],
        "trust": 2.52
      },
      "exploit_availability": {
        "_id": null,
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-50361",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50361"
          }
        ]
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2011-2416",
            "trust": 3.3
          },
          {
            "db": "USCERT",
            "id": "TA11-222A",
            "trust": 1.9
          },
          {
            "db": "SECUNIA",
            "id": "45583",
            "trust": 1.5
          },
          {
            "db": "SECUNIA",
            "id": "45529",
            "trust": 1.4
          },
          {
            "db": "BID",
            "id": "49081",
            "trust": 1.2
          },
          {
            "db": "SECUNIA",
            "id": "48308",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "45593",
            "trust": 0.8
          },
          {
            "db": "SECTRACK",
            "id": "1025907",
            "trust": 0.8
          },
          {
            "db": "SECTRACK",
            "id": "1025914",
            "trust": 0.8
          },
          {
            "db": "USCERT",
            "id": "SA11-222A",
            "trust": 0.8
          },
          {
            "db": "OSVDB",
            "id": "74442",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002158",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-187",
            "trust": 0.7
          },
          {
            "db": "BID",
            "id": "49082",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "17880",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "17500",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "103918",
            "trust": 0.2
          },
          {
            "db": "VULHUB",
            "id": "VHN-50361",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "103946",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "103903",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "105802",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "109194",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "106736",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50361"
          },
          {
            "db": "BID",
            "id": "49081"
          },
          {
            "db": "PACKETSTORM",
            "id": "103946"
          },
          {
            "db": "PACKETSTORM",
            "id": "103903"
          },
          {
            "db": "PACKETSTORM",
            "id": "103918"
          },
          {
            "db": "PACKETSTORM",
            "id": "105802"
          },
          {
            "db": "PACKETSTORM",
            "id": "109194"
          },
          {
            "db": "PACKETSTORM",
            "id": "106736"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-187"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002158"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2416"
          }
        ]
      },
      "id": "VAR-201108-0185",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50361"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2026-04-10T22:40:55.909000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "APSB11-21",
            "trust": 0.8,
            "url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
          },
          {
            "title": "APSB11-21 (cpsid_91448)",
            "trust": 0.8,
            "url": "http://kb2.adobe.com/jp/cps/914/cpsid_91448.html"
          },
          {
            "title": "APSB11-21",
            "trust": 0.8,
            "url": "http://www.adobe.com/jp/support/security/bulletins/apsb11-21.html"
          },
          {
            "title": "HPSBMU02769 SSRT100846",
            "trust": 0.8,
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03298151"
          },
          {
            "title": "RHSA-2011:1144",
            "trust": 0.8,
            "url": "https://rhn.redhat.com/errata/RHSA-2011-1144.html"
          },
          {
            "title": "TA11-222A",
            "trust": 0.8,
            "url": "http://software.fujitsu.com/jp/security/vulnerabilities/ta11-222a.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002158"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-189",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50361"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002158"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2416"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.5,
            "url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
          },
          {
            "trust": 1.9,
            "url": "http://www.us-cert.gov/cas/techalerts/ta11-222a.html"
          },
          {
            "trust": 1.4,
            "url": "http://secunia.com/advisories/45529"
          },
          {
            "trust": 1.4,
            "url": "http://secunia.com/advisories/45583"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14132"
          },
          {
            "trust": 1.1,
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16025"
          },
          {
            "trust": 1.1,
            "url": "http://www.redhat.com/support/errata/rhsa-2011-1144.html"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/48308"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00006.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00007.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00008.html"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2416"
          },
          {
            "trust": 0.8,
            "url": "https://www.jpcert.or.jp/at/2011/at110022.txt"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnta11-222a"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2416"
          },
          {
            "trust": 0.8,
            "url": "http://osvdb.org/74442"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/45593"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/49081"
          },
          {
            "trust": 0.8,
            "url": "http://www.securitytracker.com/id?1025914"
          },
          {
            "trust": 0.8,
            "url": "http://www.securitytracker.com/id?1025907"
          },
          {
            "trust": 0.8,
            "url": "http://www.us-cert.gov/cas/alerts/sa11-222a.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.npa.go.jp/cyberpolice/#topics"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/49082"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/17500"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/17880"
          },
          {
            "trust": 0.3,
            "url": "http://www.adobe.com"
          },
          {
            "trust": 0.3,
            "url": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_09.html"
          },
          {
            "trust": 0.3,
            "url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer"
          },
          {
            "trust": 0.3,
            "url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer2"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/519236"
          },
          {
            "trust": 0.3,
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=936"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/css/p8/documents/100151664"
          },
          {
            "trust": 0.3,
            "url": "http://www.xerox.com/download/security/security-bulletin/1284333-14afb-4baadb5bccb00/cert_xrx12-002_v1.1.pdf"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2136"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2416"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2130"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2138"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2134"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2139"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2140"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2414"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2415"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2135"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2417"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2137"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2425"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417"
          },
          {
            "trust": 0.2,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0589"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589"
          },
          {
            "trust": 0.2,
            "url": "https://www.adobe.com/support/security/bulletins/apsb11-26.html"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140"
          },
          {
            "trust": 0.2,
            "url": "http://security.gentoo.org/"
          },
          {
            "trust": 0.2,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.1,
            "url": "http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/"
          },
          {
            "trust": 0.1,
            "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
          },
          {
            "trust": 0.1,
            "url": "http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900"
          },
          {
            "trust": 0.1,
            "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45583"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/45583/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/blog/242"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_intelligence/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/45583/#comments"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/vulnerability_scanning/personal/"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/advisories/about_secunia_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/),"
          },
          {
            "trust": 0.1,
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/"
          },
          {
            "trust": 0.1,
            "url": "http://www.adobe.com/products/flashplayer/"
          },
          {
            "trust": 0.1,
            "url": "http://labs.idefense.com/methodology/vulnerability/vcp.php"
          },
          {
            "trust": 0.1,
            "url": "http://labs.idefense.com/"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0579"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0624"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0627"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0622"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0626"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0608"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0574"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0625"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0575"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0558"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0572"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2444"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0607"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0623"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0560"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0620"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0621"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0560"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0609"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0624"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0626"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2107"
          },
          {
            "trust": 0.1,
            "url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2429"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2110"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0628"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0574"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0573"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0575"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0571"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0559"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2426"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0620"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0579"
          },
          {
            "trust": 0.1,
            "url": "http://www.adobe.com/support/security/bulletins/apsb11-13.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0578"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0611"
          },
          {
            "trust": 0.1,
            "url": "http://www.adobe.com/support/security/bulletins/apsb11-12.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0573"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0561"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0572"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0618"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0619"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0561"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0558"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0578"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0623"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0621"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0577"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0609"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0627"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2428"
          },
          {
            "trust": 0.1,
            "url": "http://www.adobe.com/support/security/advisories/apsa11-02.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0619"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0628"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0607"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2430"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2427"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-201110-11.xml"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0559"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0625"
          },
          {
            "trust": 0.1,
            "url": "http://www.adobe.com/support/security/advisories/apsa11-01.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0608"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0571"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0622"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0611"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0618"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0577"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0604"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0567"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0605"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0586"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0587"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0600"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0565"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0596"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0603"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0595"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4091"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0588"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0585"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0562"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0593"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590"
          },
          {
            "trust": 0.1,
            "url": "http://security.gentoo.org/glsa/glsa-201201-19.xml"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0570"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0592"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0566"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0599"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0606"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0594"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0563"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0591"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0602"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0590"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0598"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2425.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2415.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2438"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/kb/docs/doc-11259"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2424.html"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#critical"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2429"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2432.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2436.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2438.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2138.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2428.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2434"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2416.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2444.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2439.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2431.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2428"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2430"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2135.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2433"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2435"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2430.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2435.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2442.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2137.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2433.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2427"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2432"
          },
          {
            "trust": 0.1,
            "url": "http://www.adobe.com/support/security/bulletins/apsb11-24.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2426"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2431"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2140.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2426.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2130.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2436"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2414.html"
          },
          {
            "trust": 0.1,
            "url": "https://rhn.redhat.com/errata/rhsa-2011-1434.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2139.html"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/key/#package"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2134.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2437.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2417.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2136.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2429.html"
          },
          {
            "trust": 0.1,
            "url": "http://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2427.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2440.html"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2011-2434.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2437"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2439"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2424"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-50361"
          },
          {
            "db": "BID",
            "id": "49081"
          },
          {
            "db": "PACKETSTORM",
            "id": "103946"
          },
          {
            "db": "PACKETSTORM",
            "id": "103903"
          },
          {
            "db": "PACKETSTORM",
            "id": "103918"
          },
          {
            "db": "PACKETSTORM",
            "id": "105802"
          },
          {
            "db": "PACKETSTORM",
            "id": "109194"
          },
          {
            "db": "PACKETSTORM",
            "id": "106736"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-187"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002158"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2416"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-50361",
            "ident": null
          },
          {
            "db": "BID",
            "id": "49081",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "103946",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "103903",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "103918",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "105802",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "109194",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "106736",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-187",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002158",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2011-2416",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2011-08-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-50361",
            "ident": null
          },
          {
            "date": "2011-08-09T00:00:00",
            "db": "BID",
            "id": "49081",
            "ident": null
          },
          {
            "date": "2011-08-12T05:17:05",
            "db": "PACKETSTORM",
            "id": "103946",
            "ident": null
          },
          {
            "date": "2011-08-10T08:16:38",
            "db": "PACKETSTORM",
            "id": "103903",
            "ident": null
          },
          {
            "date": "2011-08-11T04:45:55",
            "db": "PACKETSTORM",
            "id": "103918",
            "ident": null
          },
          {
            "date": "2011-10-14T06:16:06",
            "db": "PACKETSTORM",
            "id": "105802",
            "ident": null
          },
          {
            "date": "2012-01-31T00:07:37",
            "db": "PACKETSTORM",
            "id": "109194",
            "ident": null
          },
          {
            "date": "2011-11-08T15:21:13",
            "db": "PACKETSTORM",
            "id": "106736",
            "ident": null
          },
          {
            "date": "1900-01-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201108-187",
            "ident": null
          },
          {
            "date": "2011-08-30T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-002158",
            "ident": null
          },
          {
            "date": "2011-08-10T22:55:01.017000",
            "db": "NVD",
            "id": "CVE-2011-2416",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2018-10-30T00:00:00",
            "db": "VULHUB",
            "id": "VHN-50361",
            "ident": null
          },
          {
            "date": "2013-06-20T09:39:00",
            "db": "BID",
            "id": "49081",
            "ident": null
          },
          {
            "date": "2011-08-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201108-187",
            "ident": null
          },
          {
            "date": "2013-03-26T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2011-002158",
            "ident": null
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2011-2416",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "103918"
          },
          {
            "db": "PACKETSTORM",
            "id": "105802"
          },
          {
            "db": "PACKETSTORM",
            "id": "109194"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-187"
          }
        ],
        "trust": 0.9
      },
      "title": {
        "_id": null,
        "data": "Adobe Flash Player and  Adobe AIR Integer overflow vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2011-002158"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "digital error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201108-187"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200110-0170

    Vulnerability from variot - Updated: 2026-04-10 22:39

    The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to "a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes.". Wireshark contains a vulnerability in the XOT dissector that may cause the application to crash. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. A buffer overflow in certain Apple AirPort drivers may allow an attacker to execute arbitrary code with system privileges, or create a denial-of-service condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. An attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. All versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available.


    To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German.

    The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios.

    This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links

    Read the full description: http://corporate.secunia.com/products/48/?r=l

    Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l


    TITLE: Apple Airport Probe Response Kernel Memory Corruption Vulnerability

    SECUNIA ADVISORY ID: SA22679

    VERIFY ADVISORY: http://secunia.com/advisories/22679/

    CRITICAL: Moderately critical

    IMPACT: DoS, System access

    WHERE:

    From remote

    OPERATING SYSTEM: Apple Macintosh OS X http://secunia.com/product/96/

    DESCRIPTION: H.D. Moore has reported a vulnerability in the Apple Airport driver, which potentially can be exploited by malicious people to compromise a vulnerable system.

    The vulnerability is caused due to an error in the Airport driver provided with Orinoco-based Airport cards when handling probe response frames. This can be exploited to overwrite kernel memory and potentially execute arbitrary code when the driver is running in active scanning mode.

    The vulnerability is reported in the driver on a PowerBook running version 10.4.8.

    SOLUTION: Do not place the card into active scanning mode.

    PROVIDED AND/OR DISCOVERED BY: H D Moore

    ORIGINAL ADVISORY: http://projects.info-pull.com/mokb/MOKB-01-11-2006.html


    About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

    Subscribe: http://secunia.com/secunia_security_advisories/

    Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

    Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


    Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 3.2,
            "vendor": "debian gnu linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 3.2,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 3.2,
            "vendor": "openssl",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 3.2,
            "vendor": "red hat",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 3.2,
            "vendor": "ubuntu",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "f5",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "openpkg",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "oracle",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "suse linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "slackware linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 2.4,
            "vendor": "rpath",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "trustix secure linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "apple computer",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 1.6,
            "vendor": "sun microsystems",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 011",
            "scope": "eq",
            "trust": 1.5,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "sdk 011",
            "scope": "eq",
            "trust": 1.5,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "jre 010",
            "scope": "eq",
            "trust": 1.5,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "sdk 010",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "jre 013",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "jre 014",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "jre",
            "scope": "eq",
            "trust": 1.2,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.37"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.18"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.22"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.24"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.13"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.27"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.28"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.09"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.15"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.16"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.12"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.32"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.01"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.19"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.23"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.29"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.26"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.34"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.20"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.21"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.30"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.33"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.25"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.04"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.06"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.03"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.02"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.17"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.07"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.05"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.14"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.18"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.11"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.08"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.07"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.22"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.24"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.28"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.13"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.15"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.16"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.27"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.05"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.35"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.01"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.09"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.31"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.23"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.29"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.12"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.32"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.20"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.30"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.19"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.25"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.26"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.04"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.21"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.33"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.06"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.34"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.02"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.17"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.36"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.03"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.14"
          },
          {
            "_id": null,
            "model": "bouncy-castle-crypto-package",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.35"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.10"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.11"
          },
          {
            "_id": null,
            "model": "bc-java",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "bouncycastle",
            "version": "1.08"
          },
          {
            "_id": null,
            "model": "sdk 08",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "sdk 11",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "sdk 15",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "jre",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jre",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "jre 06",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jre 015",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "jre 01",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4.1"
          },
          {
            "_id": null,
            "model": "jre 10",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "jre 14",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "sdk 03",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4.1"
          },
          {
            "_id": null,
            "model": "jdk 09",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "jdk 007",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.1.6"
          },
          {
            "_id": null,
            "model": "jre 1.4.2 12",
            "scope": null,
            "trust": 0.9,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "sdk 06",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "jre 02",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "sdk .0 02",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3"
          },
          {
            "_id": null,
            "model": "jre .0 04",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4"
          },
          {
            "_id": null,
            "model": "jre",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4"
          },
          {
            "_id": null,
            "model": "jre 07",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "jre 11",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "jre 03",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4.1"
          },
          {
            "_id": null,
            "model": "sdk 02",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4.1"
          },
          {
            "_id": null,
            "model": "jre 01",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "jre 04",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "jre .0 02",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3"
          },
          {
            "_id": null,
            "model": "sdk 07",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "jdk b 005",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.1.7"
          },
          {
            "_id": null,
            "model": "sdk 10",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "jre 02",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "sdk",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.2"
          },
          {
            "_id": null,
            "model": "jre 01",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "jre .0 03",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4"
          },
          {
            "_id": null,
            "model": "sdk .0 03",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4"
          },
          {
            "_id": null,
            "model": "jre 02",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4.1"
          },
          {
            "_id": null,
            "model": "sdk 09",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "sdk 14",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "jdk .0 05",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jre 06",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "sdk 12",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "jre",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4.1"
          },
          {
            "_id": null,
            "model": "jre 03",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "sdk 02",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "sdk",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4.1"
          },
          {
            "_id": null,
            "model": "sdk 08",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "sdk .0 4",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4"
          },
          {
            "_id": null,
            "model": "sdk .0 02",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4"
          },
          {
            "_id": null,
            "model": "sdk 007",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "jre",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "jre",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.2.1"
          },
          {
            "_id": null,
            "model": "jre 06",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "sdk 01",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4.1"
          },
          {
            "_id": null,
            "model": "jre .0 02",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4"
          },
          {
            "_id": null,
            "model": "jre 13",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "sdk",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "sdk 13",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "jdk 008",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "jdk 08",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "jre 05",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "jre 08",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "jre",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.2"
          },
          {
            "_id": null,
            "model": "sdk 04",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "jre 12",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "sdk 05",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "sdk 03",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "jre 03",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "sdk",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.4"
          },
          {
            "_id": null,
            "model": "jre .0 05",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3"
          },
          {
            "_id": null,
            "model": "jre 05",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "sdk 05",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "sdk 03",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "sdk 015",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "sdk",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.2.1"
          },
          {
            "_id": null,
            "model": "sdk 012",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "jre 09",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "sdk 014",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "jre 007",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "jdk 009",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "wireshark",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "appgate network security",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "attachmatewrq",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "blue coat",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gentoo linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "gnutls",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "iaik java group",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ibm",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "internet consortium",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "intoto",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "juniper",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mandriva",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "mozilla",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "openwall gnu linux",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "opera",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "rsa security",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "ssh security corp",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "sybase",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "vmware",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "vandyke",
            "version": null
          },
          {
            "_id": null,
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "stonesoft",
            "version": null
          },
          {
            "_id": null,
            "model": "crypto package",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "bouncy castle",
            "version": "1.36"
          },
          {
            "_id": null,
            "model": "java cryptography api",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "bouncy castle",
            "version": "1.38"
          },
          {
            "_id": null,
            "model": "jre 005",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "jre 04",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "jre .0 01",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.4"
          },
          {
            "_id": null,
            "model": "jdk 003",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.2.1"
          },
          {
            "_id": null,
            "model": "jre 12",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "jdk",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "jdk 06",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "jre 007",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "jdk .0 04",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jdk 005",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "jre",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.3"
          },
          {
            "_id": null,
            "model": "sdk 13",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "sdk 005",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "jre .0 04",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.3"
          },
          {
            "_id": null,
            "model": "jdk 006",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "sdk 01",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "jdk 05",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "jdk 007",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "jdk .0 03",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jre 12",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "appeon",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sybase",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "jdk 06",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "jre b 007",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.1.7"
          },
          {
            "_id": null,
            "model": "sdk 05",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.3"
          },
          {
            "_id": null,
            "model": "jdk 002",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "jre 008",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "jdk 004",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "sdk 12",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "jdk 009",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.1.6"
          },
          {
            "_id": null,
            "model": "jdk 004",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.2.1"
          },
          {
            "_id": null,
            "model": "sdk 013",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "jdk b 007",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.1.7"
          },
          {
            "_id": null,
            "model": "jre 012",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "jre 005",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "jre 009",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "legion-of-the-bouncy-castle-java-crytography-api",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "bouncycastle",
            "version": "1.35"
          },
          {
            "_id": null,
            "model": "legion-of-the-bouncy-castle-java-crytography-api",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "bouncycastle",
            "version": "1.34"
          },
          {
            "_id": null,
            "model": "legion-of-the-bouncy-castle-java-crytography-api",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "bouncycastle",
            "version": "1.33"
          },
          {
            "_id": null,
            "model": "legion-of-the-bouncy-castle-java-crytography-api",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "bouncycastle",
            "version": "1.28"
          },
          {
            "_id": null,
            "model": "legion-of-the-bouncy-castle-java-crytography-api",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "bouncycastle",
            "version": "1.23"
          },
          {
            "_id": null,
            "model": "legion-of-the-bouncy-castle-java-crytography-api",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "bouncycastle",
            "version": "1.27"
          },
          {
            "_id": null,
            "model": "legion-of-the-bouncy-castle-java-crytography-api",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "bouncycastle",
            "version": "1.32"
          },
          {
            "_id": null,
            "model": "legion-of-the-bouncy-castle-java-crytography-api",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "bouncycastle",
            "version": "1.36"
          },
          {
            "_id": null,
            "model": "legion-of-the-bouncy-castle-java-crytography-api",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "bouncycastle",
            "version": "1.26"
          },
          {
            "_id": null,
            "model": "legion-of-the-bouncy-castle-java-crytography-api",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "bouncycastle",
            "version": "1.25"
          },
          {
            "_id": null,
            "model": "systems weblogic express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.0.0.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1.79"
          },
          {
            "_id": null,
            "model": "enterprise linux es ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "project openssl g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "computing snapgear sg565",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ciscoworks common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "4.4.5"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0(1)"
          },
          {
            "_id": null,
            "model": "reflection for secure it",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "attachmate",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "appliance server hosting edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.1.0"
          },
          {
            "_id": null,
            "model": "project openssl b-36.8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "enterprise linux extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "eii avaki sdf",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "risk analytics platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "2.9"
          },
          {
            "_id": null,
            "model": "systems weblogic express sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.03"
          },
          {
            "_id": null,
            "model": "s8300 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.2"
          },
          {
            "_id": null,
            "model": "java system web server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia k",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "4.3.10"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "ons",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154548.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.11"
          },
          {
            "_id": null,
            "model": "workstation build",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "6.0.380004"
          },
          {
            "_id": null,
            "model": "easerver",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "5.5"
          },
          {
            "_id": null,
            "model": "securecrt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vandyke",
            "version": "5.2.2"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.7"
          },
          {
            "_id": null,
            "model": "workstation build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "5.5.334685"
          },
          {
            "_id": null,
            "model": "ffi global fix lite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "0"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "bind b1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.7"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(0)"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.6"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(1)"
          },
          {
            "_id": null,
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "unwired orchestrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.2"
          },
          {
            "_id": null,
            "model": "propack sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sgi",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "java web proxy server sp8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "3.6"
          },
          {
            "_id": null,
            "model": "workspace",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "1.6"
          },
          {
            "_id": null,
            "model": "2-stable-20061018",
            "scope": null,
            "trust": 0.3,
            "vendor": "openpkg",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "jre b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.1.7"
          },
          {
            "_id": null,
            "model": "jre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "systems weblogic server sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "8.12"
          },
          {
            "_id": null,
            "model": "systems weblogic server sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.0.0.11"
          },
          {
            "_id": null,
            "model": "systems weblogic express sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.04"
          },
          {
            "_id": null,
            "model": "linux mipsel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "-release-p3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "_id": null,
            "model": "systems weblogic server for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "8.12"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "systems weblogic server for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.0.0.11"
          },
          {
            "_id": null,
            "model": "software opera web browser win32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux professional x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "hat enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "3"
          },
          {
            "_id": null,
            "model": "4,0 beta",
            "scope": null,
            "trust": 0.3,
            "vendor": "netbsd",
            "version": null
          },
          {
            "_id": null,
            "model": "jre .0 01",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.3"
          },
          {
            "_id": null,
            "model": "-stablepre122300",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "bind a1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "software opera web browser 1win32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2006.0"
          },
          {
            "_id": null,
            "model": "jdk 09",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "unwired accelerator and enterprise portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "mds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "95000"
          },
          {
            "_id": null,
            "model": "netscape",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscape",
            "version": "6.2.3"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "8.51"
          },
          {
            "_id": null,
            "model": "jre 12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "systems weblogic express for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "8.13"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "_id": null,
            "model": "sdk 10",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(0)"
          },
          {
            "_id": null,
            "model": "risk analytics platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "java web proxy server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "3.6"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.0.5"
          },
          {
            "_id": null,
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.3"
          },
          {
            "_id": null,
            "model": "systems weblogic express sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.0.0.12"
          },
          {
            "_id": null,
            "model": "jdk 1.5.0.0 06",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "one application server standard edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.1"
          },
          {
            "_id": null,
            "model": "java system web server sp9",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux personal oss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "sdk 04",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "4.4.6"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.0.7"
          },
          {
            "_id": null,
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.0.1"
          },
          {
            "_id": null,
            "model": "java system web server sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.1.3"
          },
          {
            "_id": null,
            "model": "access registrar",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.1"
          },
          {
            "_id": null,
            "model": "solonde etl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "3.6"
          },
          {
            "_id": null,
            "model": "linux openexchange server",
            "scope": null,
            "trust": 0.3,
            "vendor": "s u s e",
            "version": null
          },
          {
            "_id": null,
            "model": "jsse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.0.2"
          },
          {
            "_id": null,
            "model": "one web server sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.1.1"
          },
          {
            "_id": null,
            "model": "systems weblogic server sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.05"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "7.54"
          },
          {
            "_id": null,
            "model": "systems weblogic server for win32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.0.0.1"
          },
          {
            "_id": null,
            "model": "one web server sp7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "7.51"
          },
          {
            "_id": null,
            "model": "systems weblogic express for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.03"
          },
          {
            "_id": null,
            "model": "one web server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "systems weblogic server for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.05"
          },
          {
            "_id": null,
            "model": "bind -p2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.6"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "_id": null,
            "model": "workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "5.5.4"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.1"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "java system web server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "-release-p5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "linux personal x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "eii avaki sdf",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "www-client/opera",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "gentoo",
            "version": "9.0.2"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3(5)"
          },
          {
            "_id": null,
            "model": "openoffice",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openoffice",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "7.10"
          },
          {
            "_id": null,
            "model": "converged communications server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "software opera web browser win32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "5.12"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.2"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5"
          },
          {
            "_id": null,
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "systems weblogic server sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.01"
          },
          {
            "_id": null,
            "model": "rtds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.2"
          },
          {
            "_id": null,
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44900"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "4.4.4"
          },
          {
            "_id": null,
            "model": "project openssl beta2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "call manager es56",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "sdk 07",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.10"
          },
          {
            "_id": null,
            "model": "systems weblogic server sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.06"
          },
          {
            "_id": null,
            "model": "systems weblogic server for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.01"
          },
          {
            "_id": null,
            "model": "systems weblogic server for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.06"
          },
          {
            "_id": null,
            "model": "systems weblogic server for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.02"
          },
          {
            "_id": null,
            "model": "personal",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "_id": null,
            "model": "software opera web browser win32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "5.02"
          },
          {
            "_id": null,
            "model": "systems weblogic express for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.04"
          },
          {
            "_id": null,
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "-release-p32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.5"
          },
          {
            "_id": null,
            "model": "openoffice",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openoffice",
            "version": "3.1.1"
          },
          {
            "_id": null,
            "model": "jre 007",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.1.6"
          },
          {
            "_id": null,
            "model": "sdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "12.5.1"
          },
          {
            "_id": null,
            "model": "project openssl f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "jre 01a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "works common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "reflection ftp client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "attachmate",
            "version": "12.0"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.3"
          },
          {
            "_id": null,
            "model": "unified presence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "ffi global fix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "0"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "5.1.1"
          },
          {
            "_id": null,
            "model": "linux lts sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "call manager es33",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.1"
          },
          {
            "_id": null,
            "model": "easerver",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.2"
          },
          {
            "_id": null,
            "model": "workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "5.5.5"
          },
          {
            "_id": null,
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "-prerelease",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "_id": null,
            "model": "jre 07",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.4.1"
          },
          {
            "_id": null,
            "model": "beta11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "rtds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "jsse 01",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.0.3"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.0.2.1"
          },
          {
            "_id": null,
            "model": "java system web server sp8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "java system application server 2004q2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.2"
          },
          {
            "_id": null,
            "model": "bind b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.3"
          },
          {
            "_id": null,
            "model": "workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.3"
          },
          {
            "_id": null,
            "model": "workstation build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "5.5.444386"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.3.132"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.1"
          },
          {
            "_id": null,
            "model": "java web proxy server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "3.6"
          },
          {
            "_id": null,
            "model": "jre 009",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.1.6"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "2.1.3"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "systems weblogic server for win32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "8.52"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "3.0.2"
          },
          {
            "_id": null,
            "model": "jre b 005",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.1.7"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1.639"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.5"
          },
          {
            "_id": null,
            "model": "hat enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux hppa",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "workstation build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "5.5.342958"
          },
          {
            "_id": null,
            "model": "jsse 02",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.0.3"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "application \u0026 content networking software",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "communications security ssh tectia server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "4.4.2"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "jre 11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.8"
          },
          {
            "_id": null,
            "model": "reflection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "attachmate",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.3.728"
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.3(1)"
          },
          {
            "_id": null,
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.8"
          },
          {
            "_id": null,
            "model": "international cryptographic infrastructure",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "novell",
            "version": "2.7.2"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.7"
          },
          {
            "_id": null,
            "model": "risk analytics platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "rtds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "8.54"
          },
          {
            "_id": null,
            "model": "software opera web browser beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "83"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.3.1"
          },
          {
            "_id": null,
            "model": "linux professional x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "systems weblogic express for win32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.0.0.1"
          },
          {
            "_id": null,
            "model": "computing snapgear u2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "secure",
            "version": "3.1.4"
          },
          {
            "_id": null,
            "model": "systems weblogic express sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.07"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "7.53"
          },
          {
            "_id": null,
            "model": "openoffice",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openoffice",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.1.1"
          },
          {
            "_id": null,
            "model": "systems weblogic server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "7.21"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "java system web server sp5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "computing snapgear sg580",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.4"
          },
          {
            "_id": null,
            "model": "ons 15454e optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.1"
          },
          {
            "_id": null,
            "model": "data auditing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "4.5.3"
          },
          {
            "_id": null,
            "model": "openoffice",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openoffice",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.5"
          },
          {
            "_id": null,
            "model": "afaria",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "systems weblogic express for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "8.11"
          },
          {
            "_id": null,
            "model": "-release-p42",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "ons mstp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154540"
          },
          {
            "_id": null,
            "model": "ssl360",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "arkoon",
            "version": "2.0/3"
          },
          {
            "_id": null,
            "model": "java system application server 2004q2 r1standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.0.5"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "3.3.7"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia server for ibm z/os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "_id": null,
            "model": "easerver",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.5"
          },
          {
            "_id": null,
            "model": "secure acs solution engine",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "openoffice",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openoffice",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.6(0)"
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "unwired orchestrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.2"
          },
          {
            "_id": null,
            "model": "data direct odbc/ole-db drivers for ase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "0"
          },
          {
            "_id": null,
            "model": "java system web server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "s8500 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r1.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "communications security tectia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "bind a5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "global fix lite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "0"
          },
          {
            "_id": null,
            "model": "easerver",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "software opera web browser win32 beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "7.01"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "2.1.3"
          },
          {
            "_id": null,
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.6.2"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(1)"
          },
          {
            "_id": null,
            "model": "works common services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.6(1)"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.8"
          },
          {
            "_id": null,
            "model": "software opera web browser linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "bind -p1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.6"
          },
          {
            "_id": null,
            "model": "netscape",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscape",
            "version": "7.1"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "4.4.7"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "7.22"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.1"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r5.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "wide area application services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "secure acs solution engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3.1"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "openoffice",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openoffice",
            "version": "2.0.4"
          },
          {
            "_id": null,
            "model": "virtualvault a.04.50",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 14",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "integrated management",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "secure global desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.14"
          },
          {
            "_id": null,
            "model": "project openssl g",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "bind a4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "computing snapgear sg560",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "_id": null,
            "model": "suse linux school server for i386",
            "scope": null,
            "trust": 0.3,
            "vendor": "s u s e",
            "version": null
          },
          {
            "_id": null,
            "model": "communications security ssh tectia connector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "5.0.1"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.5"
          },
          {
            "_id": null,
            "model": "current",
            "scope": null,
            "trust": 0.3,
            "vendor": "openpkg",
            "version": null
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "jre 10",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "rtds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.4"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "one web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "bind rc2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.7"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "systems weblogic express for win32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia manager",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "2.2.1"
          },
          {
            "_id": null,
            "model": "rtds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "3.5"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "systems weblogic express for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.07"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.2.1"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "_id": null,
            "model": "call manager es07",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "systems weblogic server sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.04"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "4.4.1"
          },
          {
            "_id": null,
            "model": "jdk 1.5.0.0 04",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "java system web server sp5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "workspace",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "1.5"
          },
          {
            "_id": null,
            "model": "tomboy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r1.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "one application server platform edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "reflection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "attachmate",
            "version": "x0"
          },
          {
            "_id": null,
            "model": "project openssl h",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.5"
          },
          {
            "_id": null,
            "model": "ecda",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "12.6"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "software opera web browser j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "7.11"
          },
          {
            "_id": null,
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.5"
          },
          {
            "_id": null,
            "model": "project openssl i",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1"
          },
          {
            "_id": null,
            "model": "bind rc2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.3"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0.1"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1.1"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.4"
          },
          {
            "_id": null,
            "model": "corporate server x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.1.2"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.4"
          },
          {
            "_id": null,
            "model": "appeon",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "solaris 8 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "openoffice",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openoffice",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "one web server sp9",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "secure acs solution engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia connector",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "5.0.3"
          },
          {
            "_id": null,
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.7"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "2.0.4"
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "systems weblogic server sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.0.0.12"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.42"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.2"
          },
          {
            "_id": null,
            "model": "systems weblogic server for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.0.0.12"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "call manager es50",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.3"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.1.7"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "8.50"
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.1"
          },
          {
            "_id": null,
            "model": "workspace",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.5"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "corporate server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": "ecda",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "12.5"
          },
          {
            "_id": null,
            "model": "jre 07",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "s8500 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "s8700 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.1"
          },
          {
            "_id": null,
            "model": "sdk 05a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "_id": null,
            "model": "systems weblogic server for win32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.9"
          },
          {
            "_id": null,
            "model": "software opera web browser linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "6.0.3"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "java web proxy server sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "3.6"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.3"
          },
          {
            "_id": null,
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "hat network satellite (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "3)4.2"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.3"
          },
          {
            "_id": null,
            "model": "eii avaki sdf",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(2)"
          },
          {
            "_id": null,
            "model": "openoffice",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openoffice",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "software opera web browser beta build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "7.2012981"
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "-release-p20",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.3"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.8"
          },
          {
            "_id": null,
            "model": "bind b1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.3"
          },
          {
            "_id": null,
            "model": "secure linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "security mars",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2.2"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "9"
          },
          {
            "_id": null,
            "model": "eii avaki sdf",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "6.2"
          },
          {
            "_id": null,
            "model": "project openssl l",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.6"
          },
          {
            "_id": null,
            "model": "sdk 003",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.2.1"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "8.53"
          },
          {
            "_id": null,
            "model": "reflection sp1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "attachmate",
            "version": "14.0"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.2.3"
          },
          {
            "_id": null,
            "model": "sdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4.1"
          },
          {
            "_id": null,
            "model": "java system web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "rfid enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "current pre20010701",
            "scope": null,
            "trust": 0.3,
            "vendor": "netbsd",
            "version": null
          },
          {
            "_id": null,
            "model": "systems weblogic server sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "8.15"
          },
          {
            "_id": null,
            "model": "f...",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.0"
          },
          {
            "_id": null,
            "model": "jdk b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.1.7"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.6"
          },
          {
            "_id": null,
            "model": "systems weblogic server for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "8.15"
          },
          {
            "_id": null,
            "model": "-release-p38",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "hp-ux b.11.31",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "linux personal x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "project openssl e",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "systems weblogic server sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "8.14"
          },
          {
            "_id": null,
            "model": "systems weblogic express sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.0.0.13"
          },
          {
            "_id": null,
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "corp banking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "0"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.4"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.2"
          },
          {
            "_id": null,
            "model": "systems weblogic server for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "8.14"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "java system application server enterprise edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "hat enterprise linux as",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "4"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.4"
          },
          {
            "_id": null,
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "tomboy",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2007.0"
          },
          {
            "_id": null,
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3.5.1"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.1.3"
          },
          {
            "_id": null,
            "model": "openoffice",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openoffice",
            "version": "2.2.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia server for ibm z/os",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "5.1.1"
          },
          {
            "_id": null,
            "model": "linux lts powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "project openssl beta3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.10"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "4.3.9"
          },
          {
            "_id": null,
            "model": "one web server sp8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "systems weblogic express sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "8.12"
          },
          {
            "_id": null,
            "model": "software opera web browser linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "6.10"
          },
          {
            "_id": null,
            "model": "systems weblogic express sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.0.0.11"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "hat red hat network satellite server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "software opera web browser win32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "6.0.5"
          },
          {
            "_id": null,
            "model": "java system application server 2004q2 r1enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.10"
          },
          {
            "_id": null,
            "model": "5.4-stable",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "bind a6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.3"
          },
          {
            "_id": null,
            "model": "jdk 02",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "message networking",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.9"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "2.1.2"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0(0)"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "-release-p8",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.10"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.0.3"
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "4.3.1"
          },
          {
            "_id": null,
            "model": "-release-p17",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.7"
          },
          {
            "_id": null,
            "model": "secure enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "rfid enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "call manager es24",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "powerbuilder",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.2"
          },
          {
            "_id": null,
            "model": "reflection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "attachmate",
            "version": "14.0"
          },
          {
            "_id": null,
            "model": "reflection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "attachmate",
            "version": "13.0.4"
          },
          {
            "_id": null,
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44910"
          },
          {
            "_id": null,
            "model": "s8300 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "software opera web browser .6win32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "sdk 02",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "sdk 11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "-prerelease",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.8"
          },
          {
            "_id": null,
            "model": "systems weblogic express sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "8.11"
          },
          {
            "_id": null,
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.1-1"
          },
          {
            "_id": null,
            "model": "data integration suite di",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "linux enterprise sdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2.1"
          },
          {
            "_id": null,
            "model": "reflection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "attachmate",
            "version": "13.0"
          },
          {
            "_id": null,
            "model": "rtds",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "systems weblogic server sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.0.0.14"
          },
          {
            "_id": null,
            "model": "java web proxy server sp7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "3.6"
          },
          {
            "_id": null,
            "model": "systems weblogic server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "java system application server platform edition q1 ur1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "8.12005"
          },
          {
            "_id": null,
            "model": "data auditing",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "4.5.2"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia j",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "4.3.3"
          },
          {
            "_id": null,
            "model": "systems weblogic express sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.05"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openbsd",
            "version": "3.9"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "reflection for secure it sp1",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "attachmate",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "1.4"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia connector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "5.0.2"
          },
          {
            "_id": null,
            "model": "stable",
            "scope": null,
            "trust": 0.3,
            "vendor": "openpkg",
            "version": null
          },
          {
            "_id": null,
            "model": "java system web server sp10",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "sdk 14",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "4.10-prerelease",
            "scope": null,
            "trust": 0.3,
            "vendor": "freebsd",
            "version": null
          },
          {
            "_id": null,
            "model": "java enterprise system 2005q1",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "sdk 01",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.4.2"
          },
          {
            "_id": null,
            "model": "reflection sftp client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "attachmate",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.10"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "solaris 8 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "hat red hat network satellite server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "afaria",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "s8700 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux professional oss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2007.0"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "8"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.9"
          },
          {
            "_id": null,
            "model": "openoffice",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openoffice",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.3"
          },
          {
            "_id": null,
            "model": "linux professional x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "secure linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trustix",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "systems weblogic express sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.02"
          },
          {
            "_id": null,
            "model": "appliance server workgroup edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "java system application server platform edition q1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "8.12005"
          },
          {
            "_id": null,
            "model": "player build",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.680404"
          },
          {
            "_id": null,
            "model": "s8710 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.9"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.7"
          },
          {
            "_id": null,
            "model": "iq extended enterpirse edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "12.7"
          },
          {
            "_id": null,
            "model": "systems weblogic express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "jdk 13",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "systems weblogic express for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "8.12"
          },
          {
            "_id": null,
            "model": "systems weblogic express for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.0.0.11"
          },
          {
            "_id": null,
            "model": "java system application server standard 2004q2 r5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "7.0.0"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.2.0"
          },
          {
            "_id": null,
            "model": "bind rc3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.7"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "sdk 07a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "call manager es32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "interactive response",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "_id": null,
            "model": "-release-p20",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.6"
          },
          {
            "_id": null,
            "model": "unwired accelerator and enterprise portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.2"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6"
          },
          {
            "_id": null,
            "model": "openoffice",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openoffice",
            "version": "2.4.1"
          },
          {
            "_id": null,
            "model": "software opera web browser mac",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "eii avaki sdf",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "java system application server enterprise edition 2005q1rhel2.1/rhel3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "2.1.2"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.3"
          },
          {
            "_id": null,
            "model": "international cryptographic infostructure",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "novell",
            "version": "2.6.1"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "4.3.8"
          },
          {
            "_id": null,
            "model": "linux ppc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.1(3)"
          },
          {
            "_id": null,
            "model": "multi network firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandrakesoft",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "software opera web browser b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "7.11"
          },
          {
            "_id": null,
            "model": "workstation build",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "5.5.680404"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "project openssl k",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia connector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "bind rc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.7"
          },
          {
            "_id": null,
            "model": "java system application server standard 2004q2 r4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "7.0.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rpath",
            "version": "1"
          },
          {
            "_id": null,
            "model": "bind rc3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.3"
          },
          {
            "_id": null,
            "model": "call manager sr2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "9.01"
          },
          {
            "_id": null,
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "call manager sr2b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "java system application server 2004q2 r2 enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "java system web server sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "current august",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "232006"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.6(0)"
          },
          {
            "_id": null,
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "messaging storage server",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 05a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "enterprise linux es",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.2"
          },
          {
            "_id": null,
            "model": "sdk 007",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "software opera web browser win32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "systems weblogic express for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.05"
          },
          {
            "_id": null,
            "model": "one web server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "intuity lx",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "software opera web browser win32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "6.0.1"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "systems weblogic server sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "8.13"
          },
          {
            "_id": null,
            "model": "linux personal x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.x"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0(1)"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "reflection for secure it",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "attachmate",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "jre 003",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "openoffice",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openoffice",
            "version": "2.4.3"
          },
          {
            "_id": null,
            "model": "jdk 15",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "7.11"
          },
          {
            "_id": null,
            "model": "systems weblogic server for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "8.13"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "cvlan",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 099",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "java system application server 2004q2 r3 enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "java enterprise system 2003q4",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "netscape",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscape",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.8"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.3.4"
          },
          {
            "_id": null,
            "model": "java system application server 2004q2 r3 standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "bind a2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "jre beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.5.0"
          },
          {
            "_id": null,
            "model": "software opera web browser win32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "5.10"
          },
          {
            "_id": null,
            "model": "systems weblogic express for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.01"
          },
          {
            "_id": null,
            "model": "java system application server 2004q2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "7"
          },
          {
            "_id": null,
            "model": "systems weblogic express for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.06"
          },
          {
            "_id": null,
            "model": "systems weblogic express for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.02"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.6"
          },
          {
            "_id": null,
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pardus",
            "version": "20090"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "bind a3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "systems weblogic server sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.03"
          },
          {
            "_id": null,
            "model": "ace",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "3.1 rc3",
            "scope": null,
            "trust": 0.3,
            "vendor": "netbsd",
            "version": null
          },
          {
            "_id": null,
            "model": "e-biz impact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "5.5"
          },
          {
            "_id": null,
            "model": "ase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "11.5"
          },
          {
            "_id": null,
            "model": "systems weblogic server for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.03"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.23",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "8.02"
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.12"
          },
          {
            "_id": null,
            "model": "jre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.1.6"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "java system application server enterprise 2004q2 r5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "7.0.0"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "-release-p7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.8"
          },
          {
            "_id": null,
            "model": "unwired accelerator and enterprise portal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "one web server sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "jre 14",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "systems weblogic server for win32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "jre 13",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "powerbuilder",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "10.5"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "enterprise linux extras",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "jdk 12",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "bind b3",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "mach desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "2.2.1"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.6(1)"
          },
          {
            "_id": null,
            "model": "jdk 11",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "advanced linux environment",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sgi",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "secure global desktop",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "sun",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.4"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.5"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "8.0.2"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia manager",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "2.1.4"
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.13"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "systems weblogic server for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.04"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0.1"
          },
          {
            "_id": null,
            "model": "player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "one web server sp10",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "eii avaki sdf",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "aura sip enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "java system application server standard platform q1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "8.12005"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "7.52"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.10"
          },
          {
            "_id": null,
            "model": "red hat network satellite (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3)4.2"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.6"
          },
          {
            "_id": null,
            "model": "ssl360",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arkoon",
            "version": "2.0/2"
          },
          {
            "_id": null,
            "model": "webproxy a.02.10",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "openoffice",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openoffice",
            "version": "2.4.2"
          },
          {
            "_id": null,
            "model": "java system application server enterprise 2004q2 r4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "7.0.0"
          },
          {
            "_id": null,
            "model": "java system web server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "computing snapgear sg710",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "secure",
            "version": "0"
          },
          {
            "_id": null,
            "model": "call manager es62",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "java system web server sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "secure acs build",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(1)23"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "_id": null,
            "model": "one web server sp5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "project openssl c",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.8"
          },
          {
            "_id": null,
            "model": "openvms secure web server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "ace",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.0.3"
          },
          {
            "_id": null,
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "_id": null,
            "model": "bpi for healthcare",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "jdk 099",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "jre 006",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "s8500",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "0"
          },
          {
            "_id": null,
            "model": "software opera web browser win32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "6.0.3"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "_id": null,
            "model": "powerbuilder",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "10.2.0"
          },
          {
            "_id": null,
            "model": "systems weblogic server sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.0.0.13"
          },
          {
            "_id": null,
            "model": "webproxy a.02.00",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "systems weblogic server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.0.0.1"
          },
          {
            "_id": null,
            "model": "virtualvault a.04.70",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "network satellite (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4)5.1"
          },
          {
            "_id": null,
            "model": "jdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.1.6"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "11.0"
          },
          {
            "_id": null,
            "model": "sdk 02",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.3"
          },
          {
            "_id": null,
            "model": "s8710 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r1.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "advanced workstation for the itanium processor ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "e-biz impact",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "5.4.5"
          },
          {
            "_id": null,
            "model": "java system application server enterprise edition q1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "8.12005"
          },
          {
            "_id": null,
            "model": "project openssl j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "linux -current",
            "scope": null,
            "trust": 0.3,
            "vendor": "slackware",
            "version": null
          },
          {
            "_id": null,
            "model": "bind -p2",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.2"
          },
          {
            "_id": null,
            "model": "home",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.4"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.3"
          },
          {
            "_id": null,
            "model": "easerver",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4.1"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "_id": null,
            "model": "jdk 1.5.0.0 03",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "project openssl k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "advanced workstation for the itanium processor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "novell linux pos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154542.3(5)"
          },
          {
            "_id": null,
            "model": "ssl360",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "arkoon",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.10"
          },
          {
            "_id": null,
            "model": "openoffice",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openoffice",
            "version": "2.0.3-1"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "jdk 10",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "solaris 10 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "ffi uofx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "44920"
          },
          {
            "_id": null,
            "model": "network satellite (for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "4)4.2"
          },
          {
            "_id": null,
            "model": "suse linux openexchange server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "7.50"
          },
          {
            "_id": null,
            "model": "-prerelease",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.9"
          },
          {
            "_id": null,
            "model": "jre",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.3.0"
          },
          {
            "_id": null,
            "model": "linux professional x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "multimedia",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.0(2)"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.1.1"
          },
          {
            "_id": null,
            "model": "wide area file services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "call manager sr2c",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "java web proxy server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "3.6"
          },
          {
            "_id": null,
            "model": "alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "reflection",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "attachmate",
            "version": "13.0.5"
          },
          {
            "_id": null,
            "model": "systems weblogic express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "systems weblogic server sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "8.11"
          },
          {
            "_id": null,
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.5"
          },
          {
            "_id": null,
            "model": "fuji",
            "scope": null,
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "systems weblogic server for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "8.11"
          },
          {
            "_id": null,
            "model": "seamonkey",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.0.6"
          },
          {
            "_id": null,
            "model": "ase",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "12.5.2"
          },
          {
            "_id": null,
            "model": "unwired orchestrator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "systems weblogic express for win32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "afaria",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "5.4"
          },
          {
            "_id": null,
            "model": "jsse 03",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.0.3"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.2.0"
          },
          {
            "_id": null,
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.06"
          },
          {
            "_id": null,
            "model": "one web server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "e1.0-solid",
            "scope": null,
            "trust": 0.3,
            "vendor": "openpkg",
            "version": null
          },
          {
            "_id": null,
            "model": "jre 003",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.2.1"
          },
          {
            "_id": null,
            "model": "suse linux retail solution",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "systems weblogic express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.5"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.5.1"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(2)"
          },
          {
            "_id": null,
            "model": "afaria",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "systems weblogic server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "suse linux standard server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "8.0"
          },
          {
            "_id": null,
            "model": "hardware management console for pseries r5.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "netscape",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netscape",
            "version": "7.2"
          },
          {
            "_id": null,
            "model": "-release/alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "ffi bptw",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "0"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1(3)"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "java web proxy server sp6",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "3.6"
          },
          {
            "_id": null,
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.5"
          },
          {
            "_id": null,
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.4"
          },
          {
            "_id": null,
            "model": "java system application server 2004q2 r2 standard",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "4.3.2"
          },
          {
            "_id": null,
            "model": "call manager 4.1 sr4",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "openvms secure web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1-1"
          },
          {
            "_id": null,
            "model": "virtualvault a.04.60",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "open-enterprise-server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "0"
          },
          {
            "_id": null,
            "model": "afaria",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "openoffice",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openoffice",
            "version": "2.0.3"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2.1"
          },
          {
            "_id": null,
            "model": "-release-p14",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "reflection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "attachmate",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "java enterprise system 2005q4",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "systems weblogic express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "hat fedora core5",
            "scope": null,
            "trust": 0.3,
            "vendor": "red",
            "version": null
          },
          {
            "_id": null,
            "model": "systems weblogic server sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.02"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.6"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.0.2.0"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0.1"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "ipcop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ipcop",
            "version": "1.4.10"
          },
          {
            "_id": null,
            "model": "systems weblogic server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0.3"
          },
          {
            "_id": null,
            "model": "firewalll",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "one web proxy server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "3.6"
          },
          {
            "_id": null,
            "model": "sdk 01a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.3.1"
          },
          {
            "_id": null,
            "model": "systems weblogic express sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "8.15"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.7"
          },
          {
            "_id": null,
            "model": "beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openoffice",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.04"
          },
          {
            "_id": null,
            "model": "solaris 9 x86 update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "5"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.5"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.0.x"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "1.2"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154543.4"
          },
          {
            "_id": null,
            "model": "ace",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.5"
          },
          {
            "_id": null,
            "model": "network security services",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.11.3"
          },
          {
            "_id": null,
            "model": "systems weblogic express sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "8.14"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.11"
          },
          {
            "_id": null,
            "model": "openbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openbsd",
            "version": "3.8"
          },
          {
            "_id": null,
            "model": "ons ios-based blades",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "15454"
          },
          {
            "_id": null,
            "model": "jre 004",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.2.2"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "7.23"
          },
          {
            "_id": null,
            "model": "systems weblogic server sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.07"
          },
          {
            "_id": null,
            "model": "siparator",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.3"
          },
          {
            "_id": null,
            "model": "rfid enterprise",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.11"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "project openssl d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "systems weblogic server for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.07"
          },
          {
            "_id": null,
            "model": "systems weblogic express for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.0.0.12"
          },
          {
            "_id": null,
            "model": "financials server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "navision",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "8.1"
          },
          {
            "_id": null,
            "model": "legion of the bouncy castle java cryptography api",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "the",
            "version": "1.37"
          },
          {
            "_id": null,
            "model": "player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "-stablepre2002-03-07",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.5"
          },
          {
            "_id": null,
            "model": "unified presence server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "1.0(2)"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia server for ibm z/os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia connector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "thunderbird",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.0.8"
          },
          {
            "_id": null,
            "model": "ffi cons banking",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "0"
          },
          {
            "_id": null,
            "model": "alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "project openssl a",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "call manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.2(3)"
          },
          {
            "_id": null,
            "model": "mac os server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.3.9"
          },
          {
            "_id": null,
            "model": "java enterprise system 2004q2",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "securefx",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "van dyke",
            "version": "4.0.2"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.1.1"
          },
          {
            "_id": null,
            "model": "java system web server sp7",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "project openssl f",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "ciscoworks common management foundation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.2"
          },
          {
            "_id": null,
            "model": "systems weblogic express sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.01"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.2"
          },
          {
            "_id": null,
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "9"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.0.5"
          },
          {
            "_id": null,
            "model": "hp-ux b.11.11",
            "scope": null,
            "trust": 0.3,
            "vendor": "hp",
            "version": null
          },
          {
            "_id": null,
            "model": "software opera web browser 3win32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "esx server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.5.4"
          },
          {
            "_id": null,
            "model": "java web proxy server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "systems weblogic express sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.06"
          },
          {
            "_id": null,
            "model": "call manager es40",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "novell linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "jre 09",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.1.6"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "netbsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "netbsd",
            "version": "2.0.3"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "software opera web browser 2win32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "7.0"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "8.01"
          },
          {
            "_id": null,
            "model": "secure acs for windows server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "-stablepre050201",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.2"
          },
          {
            "_id": null,
            "model": "ids",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "appeon",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "2.8"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.0.7"
          },
          {
            "_id": null,
            "model": "software opera web browser win32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "6.0.4"
          },
          {
            "_id": null,
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "6.0.2"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.4"
          },
          {
            "_id": null,
            "model": "bpi for healthcare",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "2.2.1"
          },
          {
            "_id": null,
            "model": "java web proxy server sp5",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "3.6"
          },
          {
            "_id": null,
            "model": "sdk .0 05",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.3"
          },
          {
            "_id": null,
            "model": "jre 003",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "10.0x86"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "bind -p1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.2"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "slackware",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "series airespace wireless lan controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "40003.1.59.24"
          },
          {
            "_id": null,
            "model": "sdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.3"
          },
          {
            "_id": null,
            "model": "hardware management console for iseries r1.0",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "ons optical transport platform",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154544.5"
          },
          {
            "_id": null,
            "model": "open-enterprise-server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "7.20"
          },
          {
            "_id": null,
            "model": "unitedlinux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia server",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "5.1.1"
          },
          {
            "_id": null,
            "model": "java system web server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "series airespace wireless lan controller",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "20003.1.59.24"
          },
          {
            "_id": null,
            "model": "linux personal x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.1"
          },
          {
            "_id": null,
            "model": "systems weblogic express sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "7.0.0.14"
          },
          {
            "_id": null,
            "model": "sdk .0 01",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.4"
          },
          {
            "_id": null,
            "model": "appliance server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "turbolinux",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "software opera web browser",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "5.12"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "5.0.193"
          },
          {
            "_id": null,
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "6.10"
          },
          {
            "_id": null,
            "model": "call manager sr1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "gss global site selector",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4480"
          },
          {
            "_id": null,
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "10.0"
          },
          {
            "_id": null,
            "model": "systems weblogic express for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "8.15"
          },
          {
            "_id": null,
            "model": "systems weblogic server for win32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "9.0"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.6.4"
          },
          {
            "_id": null,
            "model": "iq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "12.7"
          },
          {
            "_id": null,
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "8.2"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "1.0.2.2"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "mac os",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "x10.4.10"
          },
          {
            "_id": null,
            "model": "ace",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0"
          },
          {
            "_id": null,
            "model": "s8300 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "systems weblogic express for win32 sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "8.14"
          },
          {
            "_id": null,
            "model": "http server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "9.0.3.1"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "jre .0 03",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.3"
          },
          {
            "_id": null,
            "model": "project openssl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.5"
          },
          {
            "_id": null,
            "model": "openoffice",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openoffice",
            "version": "2.3.1"
          },
          {
            "_id": null,
            "model": "secure acs for windows nt",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "freebsd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "mfolio",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.3.1"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia server for ibm z/os",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "5.2.1"
          },
          {
            "_id": null,
            "model": "enterprise linux ws ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "s8710 r2.0.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "software opera web browser win32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "5.11"
          },
          {
            "_id": null,
            "model": "openpkg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openpkg",
            "version": "2.3"
          },
          {
            "_id": null,
            "model": "bind rc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3.3"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "solaris 9 sparc",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "bind b1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "3.2"
          },
          {
            "_id": null,
            "model": "jdk 003",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.1.8"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "1.3"
          },
          {
            "_id": null,
            "model": "player",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "1.0.2"
          },
          {
            "_id": null,
            "model": "sip proxy server",
            "scope": null,
            "trust": 0.3,
            "vendor": "cisco",
            "version": null
          },
          {
            "_id": null,
            "model": "secure acs for unix",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "2.3.6.1"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.2.3"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "bind b2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.4"
          },
          {
            "_id": null,
            "model": "software opera web browser win32 beta",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "7.02"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.5"
          },
          {
            "_id": null,
            "model": "secure acs solution engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "3.3.2"
          },
          {
            "_id": null,
            "model": "systems weblogic express",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "linux i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "5.10"
          },
          {
            "_id": null,
            "model": "openoffice",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openoffice",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "iq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "12.6"
          },
          {
            "_id": null,
            "model": "firefox",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "1.5.8"
          },
          {
            "_id": null,
            "model": "linux m68k",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "ons 15454sdh",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.0(2)"
          },
          {
            "_id": null,
            "model": "messaging storage server mm3.0",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.7"
          },
          {
            "_id": null,
            "model": "enterprise linux ws",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "_id": null,
            "model": "s8500 cm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "network security services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mozilla",
            "version": "3.11"
          },
          {
            "_id": null,
            "model": "hat enterprise linux as ia64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "red",
            "version": "2.1"
          },
          {
            "_id": null,
            "model": "openvpn",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openvpn",
            "version": "2.0.7"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.4"
          },
          {
            "_id": null,
            "model": "ons mspp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "154540"
          },
          {
            "_id": null,
            "model": "jsse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.0.3"
          },
          {
            "_id": null,
            "model": "current pre20010805",
            "scope": null,
            "trust": 0.3,
            "vendor": "netbsd",
            "version": null
          },
          {
            "_id": null,
            "model": "software opera web browser win32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "6.0.2"
          },
          {
            "_id": null,
            "model": "java web proxy server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "software opera web browser linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "5.0"
          },
          {
            "_id": null,
            "model": "call manager es55",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.1"
          },
          {
            "_id": null,
            "model": "eii avaki sdf",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "player build",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "vmware",
            "version": "2.0.380004"
          },
          {
            "_id": null,
            "model": "legion of the bouncy castle java cryptography api",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "the",
            "version": "1.38"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.2"
          },
          {
            "_id": null,
            "model": "linux alpha",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "3.1"
          },
          {
            "_id": null,
            "model": "security agent",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "4.5.1.657"
          },
          {
            "_id": null,
            "model": "software opera web browser linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opera",
            "version": "6.0.2"
          },
          {
            "_id": null,
            "model": "systems weblogic server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "9.1"
          },
          {
            "_id": null,
            "model": "java system web server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.1"
          },
          {
            "_id": null,
            "model": "firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ingate",
            "version": "4.2.1"
          },
          {
            "_id": null,
            "model": "java web proxy server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "3.6"
          },
          {
            "_id": null,
            "model": "solaris update",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "95"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.3"
          },
          {
            "_id": null,
            "model": "solonde etl",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "4.0"
          },
          {
            "_id": null,
            "model": "jdk",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "1.2.1"
          },
          {
            "_id": null,
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "2006.0"
          },
          {
            "_id": null,
            "model": "project openssl beta1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.7"
          },
          {
            "_id": null,
            "model": "-releng",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "5.3"
          },
          {
            "_id": null,
            "model": "iq",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "12.5"
          },
          {
            "_id": null,
            "model": "-stable",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.6"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.0.2"
          },
          {
            "_id": null,
            "model": "aura sip enablement services",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.3"
          },
          {
            "_id": null,
            "model": "s8700 r2.0.1",
            "scope": null,
            "trust": 0.3,
            "vendor": "avaya",
            "version": null
          },
          {
            "_id": null,
            "model": "vshell",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "van dyke",
            "version": "3.0"
          },
          {
            "_id": null,
            "model": "bind",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "isc",
            "version": "9.1.3"
          },
          {
            "_id": null,
            "model": "system management homepage",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "hp",
            "version": "2.1.8"
          },
          {
            "_id": null,
            "model": "application control engine module",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "cisco",
            "version": "0"
          },
          {
            "_id": null,
            "model": "solaris 9 x86",
            "scope": null,
            "trust": 0.3,
            "vendor": "sun",
            "version": null
          },
          {
            "_id": null,
            "model": "project openssl m",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "linux professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "_id": null,
            "model": "systems weblogic express sp",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bea",
            "version": "8.13"
          },
          {
            "_id": null,
            "model": "project openssl b",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.2"
          },
          {
            "_id": null,
            "model": "-release",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "freebsd",
            "version": "4.3"
          },
          {
            "_id": null,
            "model": "interactive response",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avaya",
            "version": "2.0"
          },
          {
            "_id": null,
            "model": "easerver",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sybase",
            "version": "5.1"
          },
          {
            "_id": null,
            "model": "java system web server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sun",
            "version": "6.0"
          },
          {
            "_id": null,
            "model": "project openssl j",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "openssl",
            "version": "0.9.6"
          },
          {
            "_id": null,
            "model": "communications security ssh tectia server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ssh",
            "version": "4.4.3"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#723736"
          },
          {
            "db": "CERT/CC",
            "id": "VU#247744"
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#191336"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#594904"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "19849"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200903-494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002716"
          },
          {
            "db": "NVD",
            "id": "CVE-2007-6721"
          }
        ]
      },
      "configurations": {
        "_id": null,
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:bouncycastle:bouncy-castle-crypto-package",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002716"
          }
        ]
      },
      "credits": {
        "_id": null,
        "data": "Dr. S. N. Henson NISCC uniras@niscc.gov.uk",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200903-494"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2007-6721",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2007-6721",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2007-6721",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#247744",
                "trust": 0.8,
                "value": "0.28"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#386964",
                "trust": 0.8,
                "value": "0.32"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#191336",
                "trust": 0.8,
                "value": "0.34"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#845620",
                "trust": 0.8,
                "value": "7.56"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#594904",
                "trust": 0.8,
                "value": "0.63"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#547300",
                "trust": 0.8,
                "value": "2.53"
              },
              {
                "author": "NVD",
                "id": "CVE-2007-6721",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200903-494",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#247744"
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#191336"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#594904"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200903-494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002716"
          },
          {
            "db": "NVD",
            "id": "CVE-2007-6721"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provider Package before 1.36, has unknown impact and remote attack vectors related to \"a Bleichenbacher vulnerability in simple RSA CMS signatures without signed attributes.\". Wireshark contains a vulnerability in the XOT dissector that may cause the application to crash. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. A buffer overflow in certain Apple AirPort drivers may allow an attacker to execute arbitrary code with system privileges, or create a denial-of-service condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. \nAn attacker may exploit this issue to sign digital certificates or RSA keys and take advantage of trust relationships that depend on these credentials, possibly posing as a trusted party and signing a certificate or key. \nAll versions prior to and including OpenSSL 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available. \n\n----------------------------------------------------------------------\n\nTo improve our services to our customers, we have made a number of\nadditions to the Secunia Advisories and have started translating the\nadvisories to German. \n\nThe improvements will help our customers to get a better\nunderstanding of how we reached our conclusions, how it was rated,\nour thoughts on exploitation, attack vectors, and scenarios. \n\nThis includes:\n* Reason for rating\n* Extended description\n* Extended solution\n* Exploit code or links to exploit code\n* Deep links\n\nRead the full description:\nhttp://corporate.secunia.com/products/48/?r=l\n\nContact Secunia Sales for more information:\nhttp://corporate.secunia.com/how_to_buy/15/?r=l\n\n----------------------------------------------------------------------\n\nTITLE:\nApple Airport Probe Response Kernel Memory Corruption Vulnerability\n\nSECUNIA ADVISORY ID:\nSA22679\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/22679/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS, System access\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nApple Macintosh OS X\nhttp://secunia.com/product/96/\n\nDESCRIPTION:\nH.D. Moore has reported a vulnerability in the Apple Airport driver,\nwhich potentially can be exploited by malicious people to compromise\na vulnerable system. \n\nThe vulnerability is caused due to an error in the Airport driver\nprovided with Orinoco-based Airport cards when handling probe\nresponse frames. This can be exploited to overwrite kernel memory and\npotentially execute arbitrary code when the driver is running in\nactive scanning mode. \n\nThe vulnerability is reported in the driver on a PowerBook running\nversion 10.4.8. \n\nSOLUTION:\nDo not place the card into active scanning mode. \n\nPROVIDED AND/OR DISCOVERED BY:\nH D Moore\n\nORIGINAL ADVISORY:\nhttp://projects.info-pull.com/mokb/MOKB-01-11-2006.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2007-6721"
          },
          {
            "db": "CERT/CC",
            "id": "VU#723736"
          },
          {
            "db": "CERT/CC",
            "id": "VU#247744"
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#191336"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#594904"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002716"
          },
          {
            "db": "BID",
            "id": "19849"
          },
          {
            "db": "PACKETSTORM",
            "id": "51595"
          }
        ],
        "trust": 7.02
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2007-6721",
            "trust": 2.7
          },
          {
            "db": "SECUNIA",
            "id": "23280",
            "trust": 2.4
          },
          {
            "db": "SECUNIA",
            "id": "23309",
            "trust": 2.4
          },
          {
            "db": "BID",
            "id": "22083",
            "trust": 2.4
          },
          {
            "db": "SECUNIA",
            "id": "22259",
            "trust": 1.6
          },
          {
            "db": "SECUNIA",
            "id": "23155",
            "trust": 1.6
          },
          {
            "db": "SECUNIA",
            "id": "22094",
            "trust": 1.6
          },
          {
            "db": "OSVDB",
            "id": "50358",
            "trust": 1.6
          },
          {
            "db": "OSVDB",
            "id": "50360",
            "trust": 1.6
          },
          {
            "db": "OSVDB",
            "id": "50359",
            "trust": 1.6
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620",
            "trust": 1.1
          },
          {
            "db": "CERT/CC",
            "id": "VU#594904",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "22679",
            "trust": 0.9
          },
          {
            "db": "BID",
            "id": "20762",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "22692",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "22672",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "22797",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "22841",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "22929",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "22590",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "22659",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#723736",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "23340",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "22671",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "23351",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "22385",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "23131",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "22544",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#247744",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "20246",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#191336",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "21709",
            "trust": 0.8
          },
          {
            "db": "SECTRACK",
            "id": "1017143",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "22646",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "22207",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "22212",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "22116",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "22216",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "22220",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "22330",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "22130",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "22240",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "22260",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "22165",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "22166",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "22172",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "22284",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "22186",
            "trust": 0.8
          },
          {
            "db": "SECUNIA",
            "id": "22193",
            "trust": 0.8
          },
          {
            "db": "BID",
            "id": "20249",
            "trust": 0.8
          },
          {
            "db": "SECTRACK",
            "id": "1016943",
            "trust": 0.8
          },
          {
            "db": "XF",
            "id": "29237",
            "trust": 0.8
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002716",
            "trust": 0.8
          },
          {
            "db": "MLIST",
            "id": "[DEV-CRYPTO] 20071109 BOUNCY CASTLE CRYPTO PROVIDER PACKAGE VERSION 1.36 NOW AVAILABLE",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200903-494",
            "trust": 0.6
          },
          {
            "db": "BID",
            "id": "19849",
            "trust": 0.3
          },
          {
            "db": "PACKETSTORM",
            "id": "51595",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#723736"
          },
          {
            "db": "CERT/CC",
            "id": "VU#247744"
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#191336"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#594904"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "19849"
          },
          {
            "db": "PACKETSTORM",
            "id": "51595"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200903-494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002716"
          },
          {
            "db": "NVD",
            "id": "CVE-2007-6721"
          }
        ]
      },
      "id": "VAR-200110-0170",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.24822762333333337
      },
      "last_update_date": "2026-04-10T22:39:12.079000Z",
      "patch": {
        "_id": null,
        "data": [
          {
            "title": "msg08195",
            "trust": 0.8,
            "url": "http://www.bouncycastle.org/devmailarchive/msg08195.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002716"
          }
        ]
      },
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "NVD-CWE-noinfo",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2007-6721"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 2.4,
            "url": "http://www.openssl.org/news/secadv_20060928.txt"
          },
          {
            "trust": 2.4,
            "url": "http://secunia.com/advisories/23280/"
          },
          {
            "trust": 2.4,
            "url": "http://secunia.com/advisories/23309/"
          },
          {
            "trust": 2.4,
            "url": "http://www.securityfocus.com/bid/22083"
          },
          {
            "trust": 1.9,
            "url": "http://freshmeat.net/projects/bouncycastlecryptoapi/releases/265580"
          },
          {
            "trust": 1.6,
            "url": "http://secunia.com/advisories/23155/"
          },
          {
            "trust": 1.6,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1"
          },
          {
            "trust": 1.6,
            "url": "http://www.bouncycastle.org/devmailarchive/msg08195.html"
          },
          {
            "trust": 1.6,
            "url": "http://www.bouncycastle.org/csharp/"
          },
          {
            "trust": 1.6,
            "url": "http://www.osvdb.org/50360"
          },
          {
            "trust": 1.6,
            "url": "http://www.osvdb.org/50359"
          },
          {
            "trust": 1.6,
            "url": "http://www.osvdb.org/50358"
          },
          {
            "trust": 1.6,
            "url": "http://www.bouncycastle.org/releasenotes.html"
          },
          {
            "trust": 1.1,
            "url": "http://docs.info.apple.com/article.html?artnum=304829"
          },
          {
            "trust": 1.1,
            "url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html"
          },
          {
            "trust": 0.9,
            "url": "http://secunia.com/advisories/22679/"
          },
          {
            "trust": 0.9,
            "url": "http://projects.info-pull.com/mokb/mokb-01-11-2006.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.wireshark.org/security/wnpa-sec-2006-03.html "
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/20762 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22590 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22659/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22672/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22692/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22797/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22841/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22929/"
          },
          {
            "trust": 0.8,
            "url": "http://www.openssl.org/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/23131/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22544/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22385/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22671/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/23340/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22094/"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22259/"
          },
          {
            "trust": 0.8,
            "url": "http://www.f-secure.com/security/fsc-2006-6.shtml"
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/23351/"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu%23386964/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/20246"
          },
          {
            "trust": 0.8,
            "url": "http://standards.ieee.org/announcements/pr_frames.html"
          },
          {
            "trust": 0.8,
            "url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/"
          },
          {
            "trust": 0.8,
            "url": "http://www.openssl.org/news/secadv_20060905.txt "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/21709/"
          },
          {
            "trust": 0.8,
            "url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125"
          },
          {
            "trust": 0.8,
            "url": "http://www.ietf.org/rfc/rfc3447.txt"
          },
          {
            "trust": 0.8,
            "url": "http://www.sun.com/software/products/appsrvr/index.xml"
          },
          {
            "trust": 0.8,
            "url": "http://www.sun.com/download/products.xml?id=438cfb75"
          },
          {
            "trust": 0.8,
            "url": "http://www.sun.com/download/products.xml?id=43a84f89"
          },
          {
            "trust": 0.8,
            "url": "http://www.mozilla.org/projects/security/pki/nss/"
          },
          {
            "trust": 0.8,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102670-1 "
          },
          {
            "trust": 0.8,
            "url": "http://en.wikipedia.org/wiki/ssl"
          },
          {
            "trust": 0.8,
            "url": "http://www.frsirt.com/english/advisories/2006/4299 "
          },
          {
            "trust": 0.8,
            "url": "http://securitytracker.com/id?1017143 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22646 "
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu%23547300/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html "
          },
          {
            "trust": 0.8,
            "url": "https://issues.rpath.com/browse/rpl-613 "
          },
          {
            "trust": 0.8,
            "url": "http://www.openssl.org/news/secadv_20060928.txt "
          },
          {
            "trust": 0.8,
            "url": "http://kolab.org/security/kolab-vendor-notice-11.txt "
          },
          {
            "trust": 0.8,
            "url": "http://openvpn.net/changelog.html "
          },
          {
            "trust": 0.8,
            "url": "http://www.serv-u.com/releasenotes/ "
          },
          {
            "trust": 0.8,
            "url": "http://openbsd.org/errata.html#openssl2 "
          },
          {
            "trust": 0.8,
            "url": "http://www.securityfocus.com/bid/20249 "
          },
          {
            "trust": 0.8,
            "url": "http://securitytracker.com/id?1016943 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22130 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22094 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22165 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22186 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22193 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22207 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22259 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22260 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22166 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22172 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22212 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22240 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22216 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22116 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22220 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22284 "
          },
          {
            "trust": 0.8,
            "url": "http://secunia.com/advisories/22330 "
          },
          {
            "trust": 0.8,
            "url": "http://xforce.iss.net/xforce/xfdb/29237 "
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6721"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-6721"
          },
          {
            "trust": 0.6,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1\u0026searchclause="
          },
          {
            "trust": 0.3,
            "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026id=3117"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2006-188.htm"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2006-196.htm"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2006-224.htm"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2006-246.htm"
          },
          {
            "trust": 0.3,
            "url": "http://www.isc.org/index.pl?/sw/bind/bind9.4-beta.php"
          },
          {
            "trust": 0.3,
            "url": "http://marc.theaimsgroup.com/?l=bind-announce\u0026m=116253119512445\u0026w=2"
          },
          {
            "trust": 0.3,
            "url": "http://www.bluecoat.com"
          },
          {
            "trust": 0.3,
            "url": "http://www.cisco.com/warp/public/707/cisco-air-20061108-openssl.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml"
          },
          {
            "trust": 0.3,
            "url": "http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.cdc.informatik.tu-darmstadt.de/securebrowser/"
          },
          {
            "trust": 0.3,
            "url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=31\u0026mode=thread\u0026order=0\u0026thold=0"
          },
          {
            "trust": 0.3,
            "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-60.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-66.html"
          },
          {
            "trust": 0.3,
            "url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2006-023.txt.asc"
          },
          {
            "trust": 0.3,
            "url": "http://support.attachmate.com/techdocs/2137.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.ingate.com/relnote-451.php"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2006-0735.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2006-0661.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2006-0675.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2006-0676.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2006-0677.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2006-0733.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2006-0734.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.openssl.org/news/secadv_20060905.txt"
          },
          {
            "trust": 0.3,
            "url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
          },
          {
            "trust": 0.3,
            "url": "http://www.arkoon.fr/upload/alertes/44ak-2006-04-en-1.1_ssl360_openssl_rsa.pdf"
          },
          {
            "trust": 0.3,
            "url": "http://www1.vandyke.com/support/advisory/2007/01/845620.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.openoffice.org/security/cves/cve-2006-4339.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.bluecoat.com/support/knowledge/openssl_rsa_signature_forgery.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.slackware.com/security/list.php?l=slackware-security\u0026y=2006"
          },
          {
            "trust": 0.3,
            "url": "http://www.cyberguard.info/snapgear/releases.html"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102657-1\u0026searchclause="
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1\u0026searchclause="
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1\u0026searchclause="
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102744-1\u0026searchclause="
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1\u0026searchclause="
          },
          {
            "trust": 0.3,
            "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.kb.cert.org/vuls/id/845620"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/446038"
          },
          {
            "trust": 0.3,
            "url": "http://docs.info.apple.com/article.html?artnum=307177"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2007-091.htm"
          },
          {
            "trust": 0.3,
            "url": "http://support.avaya.com/elmodocs2/security/asa-2006-250.htm"
          },
          {
            "trust": 0.3,
            "url": "https://www.itrc.hp.com/service/cki/docdisplay.do?docid=emr_na-c02475053"
          },
          {
            "trust": 0.3,
            "url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?admit=-1335382922+1174502331230+28353475\u0026docid=c00774579"
          },
          {
            "trust": 0.3,
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-january/051708.html"
          },
          {
            "trust": 0.3,
            "url": "https://rhn.redhat.com/errata/rhsa-2007-0062.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2007-0072.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0264.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0525.html"
          },
          {
            "trust": 0.3,
            "url": "http://rhn.redhat.com/errata/rhsa-2008-0629.html"
          },
          {
            "trust": 0.3,
            "url": "https://secure-support.novell.com/kanisaplatform/publishing/41/3143224_f.sal_public.html"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200708-1"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1"
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102759-1\u0026searchclause="
          },
          {
            "trust": 0.3,
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1\u0026searchclause="
          },
          {
            "trust": 0.3,
            "url": "http://www.sybase.com/detail?id=1047991"
          },
          {
            "trust": 0.3,
            "url": "http://www.kb.cert.org/vuls/id/594904"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/secunia_security_advisories/"
          },
          {
            "trust": 0.1,
            "url": "http://corporate.secunia.com/products/48/?r=l"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/product/96/"
          },
          {
            "trust": 0.1,
            "url": "http://corporate.secunia.com/how_to_buy/15/?r=l"
          },
          {
            "trust": 0.1,
            "url": "http://secunia.com/about_secunia_advisories/"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#723736"
          },
          {
            "db": "CERT/CC",
            "id": "VU#247744"
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964"
          },
          {
            "db": "CERT/CC",
            "id": "VU#191336"
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620"
          },
          {
            "db": "CERT/CC",
            "id": "VU#594904"
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300"
          },
          {
            "db": "BID",
            "id": "19849"
          },
          {
            "db": "PACKETSTORM",
            "id": "51595"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200903-494"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002716"
          },
          {
            "db": "NVD",
            "id": "CVE-2007-6721"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#723736",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#247744",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#386964",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#191336",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#845620",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#594904",
            "ident": null
          },
          {
            "db": "CERT/CC",
            "id": "VU#547300",
            "ident": null
          },
          {
            "db": "BID",
            "id": "19849",
            "ident": null
          },
          {
            "db": "PACKETSTORM",
            "id": "51595",
            "ident": null
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200903-494",
            "ident": null
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2009-002716",
            "ident": null
          },
          {
            "db": "NVD",
            "id": "CVE-2007-6721",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2006-11-30T00:00:00",
            "db": "CERT/CC",
            "id": "VU#723736",
            "ident": null
          },
          {
            "date": "2006-09-28T00:00:00",
            "db": "CERT/CC",
            "id": "VU#247744",
            "ident": null
          },
          {
            "date": "2006-09-28T00:00:00",
            "db": "CERT/CC",
            "id": "VU#386964",
            "ident": null
          },
          {
            "date": "2006-11-30T00:00:00",
            "db": "CERT/CC",
            "id": "VU#191336",
            "ident": null
          },
          {
            "date": "2006-09-11T00:00:00",
            "db": "CERT/CC",
            "id": "VU#845620",
            "ident": null
          },
          {
            "date": "2007-02-08T00:00:00",
            "db": "CERT/CC",
            "id": "VU#594904",
            "ident": null
          },
          {
            "date": "2006-09-28T00:00:00",
            "db": "CERT/CC",
            "id": "VU#547300",
            "ident": null
          },
          {
            "date": "2006-09-05T00:00:00",
            "db": "BID",
            "id": "19849",
            "ident": null
          },
          {
            "date": "2006-11-03T00:05:01",
            "db": "PACKETSTORM",
            "id": "51595",
            "ident": null
          },
          {
            "date": "2001-10-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200903-494",
            "ident": null
          },
          {
            "date": "2012-06-26T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2009-002716",
            "ident": null
          },
          {
            "date": "2009-03-30T01:30:00.217000",
            "db": "NVD",
            "id": "CVE-2007-6721",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2006-12-20T00:00:00",
            "db": "CERT/CC",
            "id": "VU#723736",
            "ident": null
          },
          {
            "date": "2007-02-09T00:00:00",
            "db": "CERT/CC",
            "id": "VU#247744",
            "ident": null
          },
          {
            "date": "2011-07-22T00:00:00",
            "db": "CERT/CC",
            "id": "VU#386964",
            "ident": null
          },
          {
            "date": "2006-11-30T00:00:00",
            "db": "CERT/CC",
            "id": "VU#191336",
            "ident": null
          },
          {
            "date": "2007-02-08T00:00:00",
            "db": "CERT/CC",
            "id": "VU#845620",
            "ident": null
          },
          {
            "date": "2007-02-09T00:00:00",
            "db": "CERT/CC",
            "id": "VU#594904",
            "ident": null
          },
          {
            "date": "2011-07-22T00:00:00",
            "db": "CERT/CC",
            "id": "VU#547300",
            "ident": null
          },
          {
            "date": "2015-03-19T08:19:00",
            "db": "BID",
            "id": "19849",
            "ident": null
          },
          {
            "date": "2009-03-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200903-494",
            "ident": null
          },
          {
            "date": "2012-06-26T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2009-002716",
            "ident": null
          },
          {
            "date": "2025-05-12T17:37:16.527000",
            "db": "NVD",
            "id": "CVE-2007-6721",
            "ident": null
          }
        ]
      },
      "threat_type": {
        "_id": null,
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200903-494"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "_id": null,
        "data": "Wireshark contains an unspecified vulnerability in the XOT dissector",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#723736"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "_id": null,
        "data": "lack of information",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200903-494"
          }
        ],
        "trust": 0.6
      }
    }