Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2012-0444 (GCVE-0-2012-0444)
Vulnerability from cvelistv5 – Published: 2012-02-01 16:00 – Updated: 2024-08-06 18:23
VLAI
EPSS
Summary
Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
15 references
Date Public
2012-01-31 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:23:31.006Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "48043",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48043"
},
{
"name": "48095",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48095"
},
{
"name": "DSA-2402",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2402"
},
{
"name": "51753",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/51753"
},
{
"name": "oval:org.mitre.oval:def:14464",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14464"
},
{
"name": "DSA-2400",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2400"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-07.html"
},
{
"name": "SUSE-SU-2012:0198",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html"
},
{
"name": "MDVSA-2012:013",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:013"
},
{
"name": "DSA-2406",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2406"
},
{
"name": "SUSE-SU-2012:0221",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html"
},
{
"name": "USN-1370-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1370-1"
},
{
"name": "mozilla-nschildview-code-exec(72858)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72858"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=719612"
},
{
"name": "openSUSE-SU-2012:0234",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-01-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-10T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "48043",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48043"
},
{
"name": "48095",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48095"
},
{
"name": "DSA-2402",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2402"
},
{
"name": "51753",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/51753"
},
{
"name": "oval:org.mitre.oval:def:14464",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14464"
},
{
"name": "DSA-2400",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2400"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-07.html"
},
{
"name": "SUSE-SU-2012:0198",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html"
},
{
"name": "MDVSA-2012:013",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:013"
},
{
"name": "DSA-2406",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2406"
},
{
"name": "SUSE-SU-2012:0221",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html"
},
{
"name": "USN-1370-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1370-1"
},
{
"name": "mozilla-nschildview-code-exec(72858)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72858"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=719612"
},
{
"name": "openSUSE-SU-2012:0234",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-0444",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "48043",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48043"
},
{
"name": "48095",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48095"
},
{
"name": "DSA-2402",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2402"
},
{
"name": "51753",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51753"
},
{
"name": "oval:org.mitre.oval:def:14464",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14464"
},
{
"name": "DSA-2400",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2400"
},
{
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-07.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-07.html"
},
{
"name": "SUSE-SU-2012:0198",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html"
},
{
"name": "MDVSA-2012:013",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:013"
},
{
"name": "DSA-2406",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2406"
},
{
"name": "SUSE-SU-2012:0221",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html"
},
{
"name": "USN-1370-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1370-1"
},
{
"name": "mozilla-nschildview-code-exec(72858)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72858"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=719612",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=719612"
},
{
"name": "openSUSE-SU-2012:0234",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-0444",
"datePublished": "2012-02-01T16:00:00.000Z",
"dateReserved": "2012-01-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:23:31.006Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2012-0444",
"date": "2026-05-28",
"epss": "0.08973",
"percentile": "0.92723"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2012-0444\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2012-02-01T16:55:01.007\",\"lastModified\":\"2026-04-29T01:13:23.040\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.\"},{\"lang\":\"es\",\"value\":\"Mozilla Firefox v3.6.26 y v4.x hasta el v9.0, Thunderbird antes de v3.1.18 y v5.0 hasta la v9.0 y SeaMonkey antes de v2.7 no inicializa correctamente las estructuras de datos nsChildView, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria caida de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo Ogg Vorbis debidamente manipulado.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.6.26\",\"matchCriteriaId\":\"53C747F7-8CDD-4E61-BE2C-3D5951FCADE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0\",\"versionEndExcluding\":\"10.0\",\"matchCriteriaId\":\"40D1B992-7549-4CF7-8F09-F1DC338827A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7\",\"matchCriteriaId\":\"33340DBF-AB2B-4B4C-950C-ADA839F8FF36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.1.18\",\"matchCriteriaId\":\"7412321F-03E7-42AB-B191-C65445C7FED6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0\",\"versionEndExcluding\":\"10.0\",\"matchCriteriaId\":\"45C23325-1FCB-4853-9567-07CE40A3428C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C757774-08E7-40AA-B532-6F705C8F7639\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"036E8A89-7A16-411F-9D31-676313BB7244\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE554781-1EB9-446E-911F-6C11970C47F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0545634-EC4A-48E8-AB3D-49802FB11758\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"60FBDD82-691C-4D9D-B71B-F9AFF6931B53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"A53FF936-C785-4CEF-BAD0-3C3EB90EE466\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE26596F-F10E-44EF-88CA-0080646E91B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:vmware:*:*\",\"matchCriteriaId\":\"A6B7CDCA-6F39-4113-B5D3-3AA9D7F3D809\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"436EF2ED-FDBB-4B64-8EC4-33C3E4253F06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8C91701-DF37-4F7B-AB9A-B1BFDB4991F8\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"01EDA41C-6B2E-49AF-B503-EB3882265C11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87614B58-24AB-49FB-9C84-E8DDBA16353B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF49D26F-142E-468B-87C1-BABEA445255C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4174F4F-149E-41A6-BBCC-D01114C05F38\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/48043\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/48095\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2012/dsa-2400\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2012/dsa-2402\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2012/dsa-2406\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2012:013\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.mozilla.org/security/announce/2012/mfsa2012-07.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/51753\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-1370-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=719612\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/72858\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14464\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/48043\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/48095\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2012/dsa-2400\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2012/dsa-2402\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2012/dsa-2406\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2012:013\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.mozilla.org/security/announce/2012/mfsa2012-07.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/51753\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-1370-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=719612\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/72858\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14464\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
BDU:2015-04387
Vulnerability from fstec - Published: None
VLAI
Title
Уязвимость операционной системы SUSE Linux Enterprise, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Description
Уязвимость пакета libvorbis операционной системы SUSE Linux Enterprise, эксплуатация которой может привести к нарушению конфиденциальности, целостности и доступности защищаемой информации. Эксплуатация уязвимости может быть осуществлена удаленно
Severity
Vendor
Novell Inc.
Software Name
SUSE Linux Enterprise
Software Version
Server 10 SP4 (SUSE Linux Enterprise), Desktop 10 SP4 (SUSE Linux Enterprise), Server 11 SP1 (SUSE Linux Enterprise), Desktop 11 SP1 (SUSE Linux Enterprise), Server 11 SP1 FOR SP2 (SUSE Linux Enterprise), Desktop 11 SP1 FOR SP2 (SUSE Linux Enterprise)
Possible Mitigations
Установка обновления в соответствии с инструкцией по безопасности, доступной по адресу: http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00004.html
Reference
http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00004.html
CWE
CWE-119
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS 3.0": null,
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Novell Inc.",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "Server 10 SP4 (SUSE Linux Enterprise), Desktop 10 SP4 (SUSE Linux Enterprise), Server 11 SP1 (SUSE Linux Enterprise), Desktop 11 SP1 (SUSE Linux Enterprise), Server 11 SP1 FOR SP2 (SUSE Linux Enterprise), Desktop 11 SP1 FOR SP2 (SUSE Linux Enterprise)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0432 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u0438 \u0441 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0435\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0439 \u043f\u043e \u0430\u0434\u0440\u0435\u0441\u0443: http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00004.html",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": null,
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "28.11.2016",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "28.04.2015",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2015-04387",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2012-0444",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "SUSE Linux Enterprise",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b SUSE Linux Enterprise, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0412\u044b\u0445\u043e\u0434 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u044b \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438 (CWE-119)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0430\u043a\u0435\u0442\u0430 libvorbis \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b SUSE Linux Enterprise, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u044e \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u0438, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u0435\u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00004.html",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-119",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)"
}
BDU:2015-04388
Vulnerability from fstec - Published: None
VLAI
Title
Уязвимость операционной системы SUSE Linux Enterprise, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Description
Уязвимость пакета libvorbis-32bit операционной системы SUSE Linux Enterprise, эксплуатация которой может привести к нарушению конфиденциальности, целостности и доступности защищаемой информации. Эксплуатация уязвимости может быть осуществлена удаленно
Severity
Vendor
Novell Inc.
Software Name
SUSE Linux Enterprise
Software Version
Server 10 SP4 (SUSE Linux Enterprise), Desktop 10 SP4 (SUSE Linux Enterprise), Server 11 SP1 (SUSE Linux Enterprise), Desktop 11 SP1 (SUSE Linux Enterprise), Server 11 SP1 FOR SP2 (SUSE Linux Enterprise), Desktop 11 SP1 FOR SP2 (SUSE Linux Enterprise)
Possible Mitigations
Установка обновления в соответствии с инструкцией по безопасности, доступной по адресу: http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00004.html
Reference
http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00004.html
CWE
CWE-119
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS 3.0": null,
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Novell Inc.",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "Server 10 SP4 (SUSE Linux Enterprise), Desktop 10 SP4 (SUSE Linux Enterprise), Server 11 SP1 (SUSE Linux Enterprise), Desktop 11 SP1 (SUSE Linux Enterprise), Server 11 SP1 FOR SP2 (SUSE Linux Enterprise), Desktop 11 SP1 FOR SP2 (SUSE Linux Enterprise)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0432 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u0438 \u0441 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0435\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0439 \u043f\u043e \u0430\u0434\u0440\u0435\u0441\u0443: http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00004.html",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": null,
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "28.11.2016",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "28.04.2015",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2015-04388",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2012-0444",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "SUSE Linux Enterprise",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b SUSE Linux Enterprise, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0412\u044b\u0445\u043e\u0434 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u044b \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438 (CWE-119)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0430\u043a\u0435\u0442\u0430 libvorbis-32bit \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b SUSE Linux Enterprise, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u044e \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u0438, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u0435\u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00004.html",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-119",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)"
}
BDU:2015-04389
Vulnerability from fstec - Published: None
VLAI
Title
Уязвимость операционной системы SUSE Linux Enterprise, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Description
Уязвимость пакета libvorbis-devel операционной системы SUSE Linux Enterprise, эксплуатация которой может привести к нарушению конфиденциальности, целостности и доступности защищаемой информации. Эксплуатация уязвимости может быть осуществлена удаленно
Severity
Vendor
Novell Inc.
Software Name
SUSE Linux Enterprise
Software Version
Server 10 SP4 (SUSE Linux Enterprise), Desktop 10 SP4 (SUSE Linux Enterprise), Server 11 SP1 (SUSE Linux Enterprise), Desktop 11 SP1 (SUSE Linux Enterprise), Server 11 SP1 FOR SP2 (SUSE Linux Enterprise), Desktop 11 SP1 FOR SP2 (SUSE Linux Enterprise)
Possible Mitigations
Установка обновления в соответствии с инструкцией по безопасности, доступной по адресу: http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00004.html
Reference
http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00004.html
CWE
CWE-119
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS 3.0": null,
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Novell Inc.",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "Server 10 SP4 (SUSE Linux Enterprise), Desktop 10 SP4 (SUSE Linux Enterprise), Server 11 SP1 (SUSE Linux Enterprise), Desktop 11 SP1 (SUSE Linux Enterprise), Server 11 SP1 FOR SP2 (SUSE Linux Enterprise), Desktop 11 SP1 FOR SP2 (SUSE Linux Enterprise)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0432 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u0438 \u0441 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0435\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0439 \u043f\u043e \u0430\u0434\u0440\u0435\u0441\u0443: http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00004.html",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": null,
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "28.11.2016",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "28.04.2015",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2015-04389",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2012-0444",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "SUSE Linux Enterprise",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b SUSE Linux Enterprise, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0412\u044b\u0445\u043e\u0434 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u044b \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438 (CWE-119)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0430\u043a\u0435\u0442\u0430 libvorbis-devel \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b SUSE Linux Enterprise, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u044e \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u0438, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u0435\u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00004.html",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-119",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)"
}
BDU:2015-04390
Vulnerability from fstec - Published: None
VLAI
Title
Уязвимость операционной системы SUSE Linux Enterprise, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Description
Уязвимость пакета libvorbis-doc операционной системы SUSE Linux Enterprise, эксплуатация которой может привести к нарушению конфиденциальности, целостности и доступности защищаемой информации. Эксплуатация уязвимости может быть осуществлена удаленно
Severity
Vendor
Novell Inc.
Software Name
SUSE Linux Enterprise
Software Version
Server 10 SP4 (SUSE Linux Enterprise), Desktop 10 SP4 (SUSE Linux Enterprise), Server 11 SP1 (SUSE Linux Enterprise), Desktop 11 SP1 (SUSE Linux Enterprise), Server 11 SP1 FOR SP2 (SUSE Linux Enterprise), Desktop 11 SP1 FOR SP2 (SUSE Linux Enterprise)
Possible Mitigations
Установка обновления в соответствии с инструкцией по безопасности, доступной по адресу: http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00004.html
Reference
http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00004.html
CWE
CWE-119
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS 3.0": null,
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Novell Inc.",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "Server 10 SP4 (SUSE Linux Enterprise), Desktop 10 SP4 (SUSE Linux Enterprise), Server 11 SP1 (SUSE Linux Enterprise), Desktop 11 SP1 (SUSE Linux Enterprise), Server 11 SP1 FOR SP2 (SUSE Linux Enterprise), Desktop 11 SP1 FOR SP2 (SUSE Linux Enterprise)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0432 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u0438 \u0441 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0435\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0439 \u043f\u043e \u0430\u0434\u0440\u0435\u0441\u0443: http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00004.html",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": null,
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "28.11.2016",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "28.04.2015",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2015-04390",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2012-0444",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "SUSE Linux Enterprise",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b SUSE Linux Enterprise, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0412\u044b\u0445\u043e\u0434 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u044b \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438 (CWE-119)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0430\u043a\u0435\u0442\u0430 libvorbis-doc \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b SUSE Linux Enterprise, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u044e \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u0438, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u0435\u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00004.html",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-119",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)"
}
CERTA-2012-AVI-047
Vulnerability from certfr_avis - Published: 2012-02-01 - Updated: 2012-02-01
Plusieurs vulnérabilités corrigées dans les produits Mozilla peuvent être exploitées pour contourner la politique de sécurité, injecter du code indirectement à distance, ou exécuter du code arbitraire à distance.
Description
Plusieurs vulnérabilités ont été corrigées dans les produits de la gamme Mozilla :
- plusieurs problèmes de corruption mémoire peuvent être exploités pour exécuter du code arbitraire à distance (CVE-2012-0442, 443 et 449) ;
- un problème dans l'interprétation des adresses réticulaires peut être exploité dans certaines circonstances pour divulguer des informations sur la navigation (CVE-2011-3670) ;
- un problème dans la gestion des noms de fenêtre peut être exploité pour remplacer des fenêtres par d'autres (CVE-2012-0445) ;
- un problème d'utilisation d'un pointeur après sa libération peut être exploité pour exécuter du code arbitraire à distance (CVE-2011-3659) ;
- un manquement dans le contrôle de sécurité entre les fenêtres peut être exploité pour une injection de code indirecte à distance (CVE-2012-0446) ;
- un problème dans la gestion des tailles d'icône peut être exploité pour contourner la politique de sécurité (CVE-2012-0447) ;
- un problème de corruption mémoire lors de la lecture de fichiers Ogg Vorbis peut être exploité pour exécuter du code arbitraire à distance (CVE-2012-0444) ;
- un problème de droits lors de l'exportation de la clef Firefox Sync sur les systèmes Linux et MacOS peut être exploité pour contourner la politique de sécurité (CVE-2012-0450).
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Mozilla | N/A | Seamonkey versions antérieures à 2.7. | ||
| Mozilla | Firefox | Firefox versions antérieures à 10.0 ; | ||
| Mozilla | Firefox | Firefox versions antérieures à 3.6.26 ; | ||
| Mozilla | Thunderbird | Thunderbird versions antérieures à 10.0 ; | ||
| Mozilla | Thunderbird | Thunderbird versions antérieures à 3.1.18 ; |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Seamonkey versions ant\u00e9rieures \u00e0 2.7.",
"product": {
"name": "N/A",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Firefox versions ant\u00e9rieures \u00e0 10.0 ;",
"product": {
"name": "Firefox",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Firefox versions ant\u00e9rieures \u00e0 3.6.26 ;",
"product": {
"name": "Firefox",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Thunderbird versions ant\u00e9rieures \u00e0 10.0 ;",
"product": {
"name": "Thunderbird",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
},
{
"description": "Thunderbird versions ant\u00e9rieures \u00e0 3.1.18 ;",
"product": {
"name": "Thunderbird",
"vendor": {
"name": "Mozilla",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits de la gamme\nMozilla :\n\n- plusieurs probl\u00e8mes de corruption m\u00e9moire peuvent \u00eatre exploit\u00e9s\n pour ex\u00e9cuter du code arbitraire \u00e0 distance (CVE-2012-0442, 443\n et 449) ;\n- un probl\u00e8me dans l\u0027interpr\u00e9tation des adresses r\u00e9ticulaires peut\n \u00eatre exploit\u00e9 dans certaines circonstances pour divulguer des\n informations sur la navigation (CVE-2011-3670) ;\n- un probl\u00e8me dans la gestion des noms de fen\u00eatre peut \u00eatre exploit\u00e9\n pour remplacer des fen\u00eatres par d\u0027autres (CVE-2012-0445) ;\n- un probl\u00e8me d\u0027utilisation d\u0027un pointeur apr\u00e8s sa lib\u00e9ration peut\n \u00eatre exploit\u00e9 pour ex\u00e9cuter du code arbitraire \u00e0 distance\n (CVE-2011-3659) ;\n- un manquement dans le contr\u00f4le de s\u00e9curit\u00e9 entre les fen\u00eatres peut\n \u00eatre exploit\u00e9 pour une injection de code indirecte \u00e0 distance\n (CVE-2012-0446) ;\n- un probl\u00e8me dans la gestion des tailles d\u0027ic\u00f4ne peut \u00eatre exploit\u00e9\n pour contourner la politique de s\u00e9curit\u00e9 (CVE-2012-0447) ;\n- un probl\u00e8me de corruption m\u00e9moire lors de la lecture de fichiers Ogg\n Vorbis peut \u00eatre exploit\u00e9 pour ex\u00e9cuter du code arbitraire \u00e0\n distance (CVE-2012-0444) ;\n- un probl\u00e8me de droits lors de l\u0027exportation de la clef Firefox Sync\n sur les syst\u00e8mes Linux et MacOS peut \u00eatre exploit\u00e9 pour contourner\n la politique de s\u00e9curit\u00e9 (CVE-2012-0450).\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2012-0449",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0449"
},
{
"name": "CVE-2012-0442",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0442"
},
{
"name": "CVE-2012-0444",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0444"
},
{
"name": "CVE-2012-0447",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0447"
},
{
"name": "CVE-2011-3670",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3670"
},
{
"name": "CVE-2012-0446",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0446"
},
{
"name": "CVE-2012-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0450"
},
{
"name": "CVE-2011-3659",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3659"
},
{
"name": "CVE-2012-0443",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0443"
},
{
"name": "CVE-2012-0445",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0445"
}
],
"initial_release_date": "2012-02-01T00:00:00",
"last_revision_date": "2012-02-01T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla 2012/mfsa2012-05 du 31 janvier 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-05.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla 2012/mfsa2012-03 du 31 janvier 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-03.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla 2012/mfsa2012-06 du 31 janvier 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-06.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla 2012/mfsa2012-09 du 31 janvier 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-09.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla 2012/mfsa2012-02 du 31 janvier 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-02.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla 2012/mfsa2012-04 du 31 janvier 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-04.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla 2012/mfsa2012-07 du 31 janvier 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-07.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla 2012/mfsa2012-01 du 31 janvier 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-01.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla 2012/mfsa2012-08 du 31 janvier 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-08.html"
}
],
"reference": "CERTA-2012-AVI-047",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2012-02-01T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s corrig\u00e9es dans les produits Mozilla peuvent\n\u00eatre exploit\u00e9es pour contourner la politique de s\u00e9curit\u00e9, injecter du\ncode indirectement \u00e0 distance, ou ex\u00e9cuter du code arbitraire \u00e0\ndistance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Mozilla",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletins de s\u00e9curit\u00e9 de la fondation Mozilla du 31 janvier 2012",
"url": null
}
]
}
CERTA-2012-AVI-091
Vulnerability from certfr_avis - Published: 2012-02-20 - Updated: 2012-03-05
Une vulnérabilité dans libvorbis permet l'exécution de code arbitraire à distance au moyen d'un fichier Ogg Vorbis spécialement conçu.
Description
Une vulnérabilité affecte la bibliothèque libvorbis. Celle-ci permet à un attaquant d'exécuter du code arbitraire à distance au moyen d'un fichier Ogg Vorbis spécialement conçu. Cette bibliothèque est utilisée par de nombreux projets.
Solution
Se référer aux bulletins de sécurité des éditeurs des logiciels utilisant cette bibliothèque pour l'obtention des correctifs (cf. section Documentation).
Toutes les versions de libvorbis antérieures à la version 1.3.3.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eToutes les versions de libvorbis ant\u00e9rieures \u00e0 la version 1.3.3.\u003c/P\u003e",
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 affecte la biblioth\u00e8que libvorbis. Celle-ci permet \u00e0\nun attaquant d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance au moyen d\u0027un\nfichier Ogg Vorbis sp\u00e9cialement con\u00e7u. Cette biblioth\u00e8que est utilis\u00e9e\npar de nombreux projets.\n\n## Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 des \u00e9diteurs des logiciels\nutilisant cette biblioth\u00e8que pour l\u0027obtention des correctifs (cf.\nsection Documentation).\n",
"cves": [
{
"name": "CVE-2012-0444",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0444"
}
],
"initial_release_date": "2012-02-20T00:00:00",
"last_revision_date": "2012-03-05T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Mozilla Foundation MFSA 2012-07 du 31 Janvier 2012 :",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-07.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2012:0136 du 20 f\u00e9vrier 2012 :",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0136.html"
},
{
"title": "Ensemble de changements dans le code source de libvorbis num\u00e9ro 18151 :",
"url": "https://trac.xiph.org/changeset/18151"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA 2412 du 20 f\u00e9vrier 2012 :",
"url": "http://www.debian.org/security/2012/dsa-2412"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 OpenSuse #747912 du 01 mars 2012 :",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00000.html"
}
],
"reference": "CERTA-2012-AVI-091",
"revisions": [
{
"description": "version initiale ;",
"revision_date": "2012-02-20T00:00:00.000000"
},
{
"description": "ajout du bulletin de s\u00e9curit\u00e9 OpenSuse.",
"revision_date": "2012-03-05T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 dans libvorbis permet l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance au moyen d\u0027un fichier Ogg Vorbis sp\u00e9cialement con\u00e7u.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans libvorbis",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-2412-1 du 19 f\u00e9vrier 2012",
"url": null
}
]
}
FKIE_CVE-2012-0444
Vulnerability from fkie_nvd - Published: 2012-02-01 16:55 - Updated: 2026-04-29 01:13
Severity
Summary
Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://secunia.com/advisories/48043 | Third Party Advisory | |
| cve@mitre.org | http://secunia.com/advisories/48095 | Third Party Advisory | |
| cve@mitre.org | http://www.debian.org/security/2012/dsa-2400 | Third Party Advisory | |
| cve@mitre.org | http://www.debian.org/security/2012/dsa-2402 | Third Party Advisory | |
| cve@mitre.org | http://www.debian.org/security/2012/dsa-2406 | Third Party Advisory | |
| cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2012:013 | Third Party Advisory | |
| cve@mitre.org | http://www.mozilla.org/security/announce/2012/mfsa2012-07.html | Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/51753 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.ubuntu.com/usn/USN-1370-1 | Third Party Advisory | |
| cve@mitre.org | https://bugzilla.mozilla.org/show_bug.cgi?id=719612 | Exploit, Issue Tracking, Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/72858 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14464 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48043 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48095 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2012/dsa-2400 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2012/dsa-2402 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2012/dsa-2406 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:013 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-07.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/51753 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1370-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=719612 | Exploit, Issue Tracking, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/72858 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14464 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox | * | |
| mozilla | seamonkey | * | |
| mozilla | thunderbird | * | |
| mozilla | thunderbird | * | |
| debian | debian_linux | 5.0 | |
| debian | debian_linux | 6.0 | |
| opensuse | opensuse | 11.4 | |
| suse | linux_enterprise_desktop | 10 | |
| suse | linux_enterprise_desktop | 11 | |
| suse | linux_enterprise_server | 10 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_software_development_kit | 10 | |
| suse | linux_enterprise_software_development_kit | 11 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 10.10 | |
| canonical | ubuntu_linux | 11.04 | |
| canonical | ubuntu_linux | 11.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53C747F7-8CDD-4E61-BE2C-3D5951FCADE1",
"versionEndExcluding": "3.6.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40D1B992-7549-4CF7-8F09-F1DC338827A9",
"versionEndExcluding": "10.0",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33340DBF-AB2B-4B4C-950C-ADA839F8FF36",
"versionEndExcluding": "2.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7412321F-03E7-42AB-B191-C65445C7FED6",
"versionEndExcluding": "3.1.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45C23325-1FCB-4853-9567-07CE40A3428C",
"versionEndExcluding": "10.0",
"versionStartIncluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*",
"matchCriteriaId": "F0545634-EC4A-48E8-AB3D-49802FB11758",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*",
"matchCriteriaId": "60FBDD82-691C-4D9D-B71B-F9AFF6931B53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*",
"matchCriteriaId": "A53FF936-C785-4CEF-BAD0-3C3EB90EE466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*",
"matchCriteriaId": "EE26596F-F10E-44EF-88CA-0080646E91B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:vmware:*:*",
"matchCriteriaId": "A6B7CDCA-6F39-4113-B5D3-3AA9D7F3D809",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*",
"matchCriteriaId": "436EF2ED-FDBB-4B64-8EC4-33C3E4253F06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp1:*:*:*:*:*:*",
"matchCriteriaId": "E8C91701-DF37-4F7B-AB9A-B1BFDB4991F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*",
"matchCriteriaId": "87614B58-24AB-49FB-9C84-E8DDBA16353B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EF49D26F-142E-468B-87C1-BABEA445255C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E4174F4F-149E-41A6-BBCC-D01114C05F38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file."
},
{
"lang": "es",
"value": "Mozilla Firefox v3.6.26 y v4.x hasta el v9.0, Thunderbird antes de v3.1.18 y v5.0 hasta la v9.0 y SeaMonkey antes de v2.7 no inicializa correctamente las estructuras de datos nsChildView, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria caida de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo Ogg Vorbis debidamente manipulado."
}
],
"id": "CVE-2012-0444",
"lastModified": "2026-04-29T01:13:23.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-02-01T16:55:01.007",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/48043"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/48095"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2012/dsa-2400"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2012/dsa-2402"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2012/dsa-2406"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:013"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-07.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/51753"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1370-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=719612"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72858"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14464"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/48043"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/48095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2012/dsa-2400"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2012/dsa-2402"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2012/dsa-2406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-07.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/51753"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1370-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=719612"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14464"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-372V-6W9G-JMH5
Vulnerability from github – Published: 2022-05-04 00:30 – Updated: 2022-05-04 00:30
VLAI
Details
Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.
{
"affected": [],
"aliases": [
"CVE-2012-0444"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2012-02-01T16:55:00Z",
"severity": "HIGH"
},
"details": "Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.",
"id": "GHSA-372v-6w9g-jmh5",
"modified": "2022-05-04T00:30:19Z",
"published": "2022-05-04T00:30:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0444"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=719612"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72858"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14464"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/48043"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/48095"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2012/dsa-2400"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2012/dsa-2402"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2012/dsa-2406"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:013"
},
{
"type": "WEB",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-07.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/51753"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-1370-1"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2012-0444
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2012-0444",
"description": "Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.",
"id": "GSD-2012-0444",
"references": [
"https://www.suse.com/security/cve/CVE-2012-0444.html",
"https://www.debian.org/security/2012/dsa-2412",
"https://www.debian.org/security/2012/dsa-2406",
"https://www.debian.org/security/2012/dsa-2402",
"https://www.debian.org/security/2012/dsa-2400",
"https://access.redhat.com/errata/RHSA-2012:0136",
"https://access.redhat.com/errata/RHSA-2012:0079",
"https://alas.aws.amazon.com/cve/html/CVE-2012-0444.html",
"https://linux.oracle.com/cve/CVE-2012-0444.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2012-0444"
],
"details": "Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.",
"id": "GSD-2012-0444",
"modified": "2023-12-13T01:20:13.657720Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-0444",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "48043",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48043"
},
{
"name": "48095",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48095"
},
{
"name": "DSA-2402",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2402"
},
{
"name": "51753",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51753"
},
{
"name": "oval:org.mitre.oval:def:14464",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14464"
},
{
"name": "DSA-2400",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2400"
},
{
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-07.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-07.html"
},
{
"name": "SUSE-SU-2012:0198",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html"
},
{
"name": "MDVSA-2012:013",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:013"
},
{
"name": "DSA-2406",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2406"
},
{
"name": "SUSE-SU-2012:0221",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html"
},
{
"name": "USN-1370-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1370-1"
},
{
"name": "mozilla-nschildview-code-exec(72858)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72858"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=719612",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=719612"
},
{
"name": "openSUSE-SU-2012:0234",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.6.26",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.1.18",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.0",
"versionStartIncluding": "5.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:vmware:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-0444"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=719612",
"refsource": "CONFIRM",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=719612"
},
{
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-07.html",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-07.html"
},
{
"name": "DSA-2400",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2012/dsa-2400"
},
{
"name": "openSUSE-SU-2012:0234",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html"
},
{
"name": "SUSE-SU-2012:0221",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html"
},
{
"name": "SUSE-SU-2012:0198",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html"
},
{
"name": "MDVSA-2012:013",
"refsource": "MANDRIVA",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:013"
},
{
"name": "51753",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/51753"
},
{
"name": "mozilla-nschildview-code-exec(72858)",
"refsource": "XF",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72858"
},
{
"name": "oval:org.mitre.oval:def:14464",
"refsource": "OVAL",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14464"
},
{
"name": "DSA-2406",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2012/dsa-2406"
},
{
"name": "DSA-2402",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2012/dsa-2402"
},
{
"name": "48095",
"refsource": "SECUNIA",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/48095"
},
{
"name": "48043",
"refsource": "SECUNIA",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/48043"
},
{
"name": "USN-1370-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1370-1"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2020-08-28T13:12Z",
"publishedDate": "2012-02-01T16:55Z"
}
}
}
OPENSUSE-SU-2024:10024-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
libvorbis-devel-1.3.5-2.1 on GA media
Severity
Moderate
Notes
Title of the patch: libvorbis-devel-1.3.5-2.1 on GA media
Description of the patch: These are all security issues fixed in the libvorbis-devel-1.3.5-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-10024
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
Affected products
Recommended
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
References
14 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://www.suse.com/security/cve/CVE-2008-1420/ | self |
| https://www.suse.com/security/cve/CVE-2009-3379/ | self |
| https://www.suse.com/security/cve/CVE-2012-0444/ | self |
| https://www.suse.com/security/cve/CVE-2008-1420 | external |
| https://bugzilla.suse.com/372246 | external |
| https://www.suse.com/security/cve/CVE-2009-3379 | external |
| https://bugzilla.suse.com/522109 | external |
| https://bugzilla.suse.com/545277 | external |
| https://bugzilla.suse.com/608192 | external |
| https://www.suse.com/security/cve/CVE-2012-0444 | external |
| https://bugzilla.suse.com/744275 | external |
| https://bugzilla.suse.com/747912 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "libvorbis-devel-1.3.5-2.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the libvorbis-devel-1.3.5-2.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10024",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10024-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2008-1420 page",
"url": "https://www.suse.com/security/cve/CVE-2008-1420/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3379 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3379/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0444 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0444/"
}
],
"title": "libvorbis-devel-1.3.5-2.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10024-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libvorbis-devel-1.3.5-2.1.aarch64",
"product": {
"name": "libvorbis-devel-1.3.5-2.1.aarch64",
"product_id": "libvorbis-devel-1.3.5-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libvorbis-devel-32bit-1.3.5-2.1.aarch64",
"product": {
"name": "libvorbis-devel-32bit-1.3.5-2.1.aarch64",
"product_id": "libvorbis-devel-32bit-1.3.5-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libvorbis-doc-1.3.5-2.1.aarch64",
"product": {
"name": "libvorbis-doc-1.3.5-2.1.aarch64",
"product_id": "libvorbis-doc-1.3.5-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libvorbis0-1.3.5-2.1.aarch64",
"product": {
"name": "libvorbis0-1.3.5-2.1.aarch64",
"product_id": "libvorbis0-1.3.5-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libvorbis0-32bit-1.3.5-2.1.aarch64",
"product": {
"name": "libvorbis0-32bit-1.3.5-2.1.aarch64",
"product_id": "libvorbis0-32bit-1.3.5-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libvorbisenc2-1.3.5-2.1.aarch64",
"product": {
"name": "libvorbisenc2-1.3.5-2.1.aarch64",
"product_id": "libvorbisenc2-1.3.5-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libvorbisenc2-32bit-1.3.5-2.1.aarch64",
"product": {
"name": "libvorbisenc2-32bit-1.3.5-2.1.aarch64",
"product_id": "libvorbisenc2-32bit-1.3.5-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libvorbisfile3-1.3.5-2.1.aarch64",
"product": {
"name": "libvorbisfile3-1.3.5-2.1.aarch64",
"product_id": "libvorbisfile3-1.3.5-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libvorbisfile3-32bit-1.3.5-2.1.aarch64",
"product": {
"name": "libvorbisfile3-32bit-1.3.5-2.1.aarch64",
"product_id": "libvorbisfile3-32bit-1.3.5-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libvorbis-devel-1.3.5-2.1.ppc64le",
"product": {
"name": "libvorbis-devel-1.3.5-2.1.ppc64le",
"product_id": "libvorbis-devel-1.3.5-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libvorbis-devel-32bit-1.3.5-2.1.ppc64le",
"product": {
"name": "libvorbis-devel-32bit-1.3.5-2.1.ppc64le",
"product_id": "libvorbis-devel-32bit-1.3.5-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libvorbis-doc-1.3.5-2.1.ppc64le",
"product": {
"name": "libvorbis-doc-1.3.5-2.1.ppc64le",
"product_id": "libvorbis-doc-1.3.5-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libvorbis0-1.3.5-2.1.ppc64le",
"product": {
"name": "libvorbis0-1.3.5-2.1.ppc64le",
"product_id": "libvorbis0-1.3.5-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libvorbis0-32bit-1.3.5-2.1.ppc64le",
"product": {
"name": "libvorbis0-32bit-1.3.5-2.1.ppc64le",
"product_id": "libvorbis0-32bit-1.3.5-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libvorbisenc2-1.3.5-2.1.ppc64le",
"product": {
"name": "libvorbisenc2-1.3.5-2.1.ppc64le",
"product_id": "libvorbisenc2-1.3.5-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libvorbisenc2-32bit-1.3.5-2.1.ppc64le",
"product": {
"name": "libvorbisenc2-32bit-1.3.5-2.1.ppc64le",
"product_id": "libvorbisenc2-32bit-1.3.5-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libvorbisfile3-1.3.5-2.1.ppc64le",
"product": {
"name": "libvorbisfile3-1.3.5-2.1.ppc64le",
"product_id": "libvorbisfile3-1.3.5-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libvorbisfile3-32bit-1.3.5-2.1.ppc64le",
"product": {
"name": "libvorbisfile3-32bit-1.3.5-2.1.ppc64le",
"product_id": "libvorbisfile3-32bit-1.3.5-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libvorbis-devel-1.3.5-2.1.s390x",
"product": {
"name": "libvorbis-devel-1.3.5-2.1.s390x",
"product_id": "libvorbis-devel-1.3.5-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libvorbis-devel-32bit-1.3.5-2.1.s390x",
"product": {
"name": "libvorbis-devel-32bit-1.3.5-2.1.s390x",
"product_id": "libvorbis-devel-32bit-1.3.5-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libvorbis-doc-1.3.5-2.1.s390x",
"product": {
"name": "libvorbis-doc-1.3.5-2.1.s390x",
"product_id": "libvorbis-doc-1.3.5-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libvorbis0-1.3.5-2.1.s390x",
"product": {
"name": "libvorbis0-1.3.5-2.1.s390x",
"product_id": "libvorbis0-1.3.5-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libvorbis0-32bit-1.3.5-2.1.s390x",
"product": {
"name": "libvorbis0-32bit-1.3.5-2.1.s390x",
"product_id": "libvorbis0-32bit-1.3.5-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libvorbisenc2-1.3.5-2.1.s390x",
"product": {
"name": "libvorbisenc2-1.3.5-2.1.s390x",
"product_id": "libvorbisenc2-1.3.5-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libvorbisenc2-32bit-1.3.5-2.1.s390x",
"product": {
"name": "libvorbisenc2-32bit-1.3.5-2.1.s390x",
"product_id": "libvorbisenc2-32bit-1.3.5-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libvorbisfile3-1.3.5-2.1.s390x",
"product": {
"name": "libvorbisfile3-1.3.5-2.1.s390x",
"product_id": "libvorbisfile3-1.3.5-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libvorbisfile3-32bit-1.3.5-2.1.s390x",
"product": {
"name": "libvorbisfile3-32bit-1.3.5-2.1.s390x",
"product_id": "libvorbisfile3-32bit-1.3.5-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libvorbis-devel-1.3.5-2.1.x86_64",
"product": {
"name": "libvorbis-devel-1.3.5-2.1.x86_64",
"product_id": "libvorbis-devel-1.3.5-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libvorbis-devel-32bit-1.3.5-2.1.x86_64",
"product": {
"name": "libvorbis-devel-32bit-1.3.5-2.1.x86_64",
"product_id": "libvorbis-devel-32bit-1.3.5-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libvorbis-doc-1.3.5-2.1.x86_64",
"product": {
"name": "libvorbis-doc-1.3.5-2.1.x86_64",
"product_id": "libvorbis-doc-1.3.5-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libvorbis0-1.3.5-2.1.x86_64",
"product": {
"name": "libvorbis0-1.3.5-2.1.x86_64",
"product_id": "libvorbis0-1.3.5-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libvorbis0-32bit-1.3.5-2.1.x86_64",
"product": {
"name": "libvorbis0-32bit-1.3.5-2.1.x86_64",
"product_id": "libvorbis0-32bit-1.3.5-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libvorbisenc2-1.3.5-2.1.x86_64",
"product": {
"name": "libvorbisenc2-1.3.5-2.1.x86_64",
"product_id": "libvorbisenc2-1.3.5-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libvorbisenc2-32bit-1.3.5-2.1.x86_64",
"product": {
"name": "libvorbisenc2-32bit-1.3.5-2.1.x86_64",
"product_id": "libvorbisenc2-32bit-1.3.5-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libvorbisfile3-1.3.5-2.1.x86_64",
"product": {
"name": "libvorbisfile3-1.3.5-2.1.x86_64",
"product_id": "libvorbisfile3-1.3.5-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libvorbisfile3-32bit-1.3.5-2.1.x86_64",
"product": {
"name": "libvorbisfile3-32bit-1.3.5-2.1.x86_64",
"product_id": "libvorbisfile3-32bit-1.3.5-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbis-devel-1.3.5-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.aarch64"
},
"product_reference": "libvorbis-devel-1.3.5-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbis-devel-1.3.5-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.ppc64le"
},
"product_reference": "libvorbis-devel-1.3.5-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbis-devel-1.3.5-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.s390x"
},
"product_reference": "libvorbis-devel-1.3.5-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbis-devel-1.3.5-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.x86_64"
},
"product_reference": "libvorbis-devel-1.3.5-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbis-devel-32bit-1.3.5-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.aarch64"
},
"product_reference": "libvorbis-devel-32bit-1.3.5-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbis-devel-32bit-1.3.5-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.ppc64le"
},
"product_reference": "libvorbis-devel-32bit-1.3.5-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbis-devel-32bit-1.3.5-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.s390x"
},
"product_reference": "libvorbis-devel-32bit-1.3.5-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbis-devel-32bit-1.3.5-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.x86_64"
},
"product_reference": "libvorbis-devel-32bit-1.3.5-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbis-doc-1.3.5-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.aarch64"
},
"product_reference": "libvorbis-doc-1.3.5-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbis-doc-1.3.5-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.ppc64le"
},
"product_reference": "libvorbis-doc-1.3.5-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbis-doc-1.3.5-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.s390x"
},
"product_reference": "libvorbis-doc-1.3.5-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbis-doc-1.3.5-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.x86_64"
},
"product_reference": "libvorbis-doc-1.3.5-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbis0-1.3.5-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.aarch64"
},
"product_reference": "libvorbis0-1.3.5-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbis0-1.3.5-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.ppc64le"
},
"product_reference": "libvorbis0-1.3.5-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbis0-1.3.5-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.s390x"
},
"product_reference": "libvorbis0-1.3.5-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbis0-1.3.5-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.x86_64"
},
"product_reference": "libvorbis0-1.3.5-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbis0-32bit-1.3.5-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.aarch64"
},
"product_reference": "libvorbis0-32bit-1.3.5-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbis0-32bit-1.3.5-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.ppc64le"
},
"product_reference": "libvorbis0-32bit-1.3.5-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbis0-32bit-1.3.5-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.s390x"
},
"product_reference": "libvorbis0-32bit-1.3.5-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbis0-32bit-1.3.5-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.x86_64"
},
"product_reference": "libvorbis0-32bit-1.3.5-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbisenc2-1.3.5-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.aarch64"
},
"product_reference": "libvorbisenc2-1.3.5-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbisenc2-1.3.5-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.ppc64le"
},
"product_reference": "libvorbisenc2-1.3.5-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbisenc2-1.3.5-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.s390x"
},
"product_reference": "libvorbisenc2-1.3.5-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbisenc2-1.3.5-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.x86_64"
},
"product_reference": "libvorbisenc2-1.3.5-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbisenc2-32bit-1.3.5-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.aarch64"
},
"product_reference": "libvorbisenc2-32bit-1.3.5-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbisenc2-32bit-1.3.5-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.ppc64le"
},
"product_reference": "libvorbisenc2-32bit-1.3.5-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbisenc2-32bit-1.3.5-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.s390x"
},
"product_reference": "libvorbisenc2-32bit-1.3.5-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbisenc2-32bit-1.3.5-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.x86_64"
},
"product_reference": "libvorbisenc2-32bit-1.3.5-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbisfile3-1.3.5-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.aarch64"
},
"product_reference": "libvorbisfile3-1.3.5-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbisfile3-1.3.5-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.ppc64le"
},
"product_reference": "libvorbisfile3-1.3.5-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbisfile3-1.3.5-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.s390x"
},
"product_reference": "libvorbisfile3-1.3.5-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbisfile3-1.3.5-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.x86_64"
},
"product_reference": "libvorbisfile3-1.3.5-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbisfile3-32bit-1.3.5-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.aarch64"
},
"product_reference": "libvorbisfile3-32bit-1.3.5-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbisfile3-32bit-1.3.5-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.ppc64le"
},
"product_reference": "libvorbisfile3-32bit-1.3.5-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbisfile3-32bit-1.3.5-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.s390x"
},
"product_reference": "libvorbisfile3-32bit-1.3.5-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvorbisfile3-32bit-1.3.5-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.x86_64"
},
"product_reference": "libvorbisfile3-32bit-1.3.5-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-1420",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2008-1420"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in residue partition value (aka partvals) evaluation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2008-1420",
"url": "https://www.suse.com/security/cve/CVE-2008-1420"
},
{
"category": "external",
"summary": "SUSE Bug 372246 for CVE-2008-1420",
"url": "https://bugzilla.suse.com/372246"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2008-1420"
},
{
"cve": "CVE-2009-3379",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3379"
}
],
"notes": [
{
"category": "general",
"text": "Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. NOTE: this might overlap CVE-2009-2663.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3379",
"url": "https://www.suse.com/security/cve/CVE-2009-3379"
},
{
"category": "external",
"summary": "SUSE Bug 522109 for CVE-2009-3379",
"url": "https://bugzilla.suse.com/522109"
},
{
"category": "external",
"summary": "SUSE Bug 545277 for CVE-2009-3379",
"url": "https://bugzilla.suse.com/545277"
},
{
"category": "external",
"summary": "SUSE Bug 608192 for CVE-2009-3379",
"url": "https://bugzilla.suse.com/608192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-3379"
},
{
"cve": "CVE-2012-0444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0444"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0444",
"url": "https://www.suse.com/security/cve/CVE-2012-0444"
},
{
"category": "external",
"summary": "SUSE Bug 744275 for CVE-2012-0444",
"url": "https://bugzilla.suse.com/744275"
},
{
"category": "external",
"summary": "SUSE Bug 747912 for CVE-2012-0444",
"url": "https://bugzilla.suse.com/747912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis-devel-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis-devel-32bit-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis-doc-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis0-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbis0-32bit-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbisenc2-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbisenc2-32bit-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbisfile3-1.3.5-2.1.x86_64",
"openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.aarch64",
"openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.ppc64le",
"openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.s390x",
"openSUSE Tumbleweed:libvorbisfile3-32bit-1.3.5-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2012-0444"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…